§47 · Lane 8 — Agent Infrastructure Standards & Toolchain
IETF Internet-Draft — AI Agent Authentication and Authorization
Kasselman et al. (2026) · draft-klrc-aiagent-auth-01
Bibliographic data
- Title
- IETF Internet-Draft — AI Agent Authentication and Authorization (draft-klrc-aiagent-auth-01)
- Authors / Issuing body
- Pieter Kasselman (Defakto Security), Jeff Lombardo (AWS), Yaroslav Rosomakho (Zscaler), Brian Campbell (Ping Identity), Nick Steele (OpenAI)
- Venue / Publisher
- Internet Engineering Task Force (IETF) — individual Internet-Draft (not WG-adopted)
- Year
- 2026
- Designation
- internet-draft
- Licence
- IETF Trust LP — refer to publisher for full licence terms.
How to cite
Kasselman et al. (2026). IETF Internet-Draft — AI Agent Authentication and Authorization (draft-klrc-aiagent-auth-01). Internet Engineering Task Force (IETF) — individual Internet-Draft (not WG-adopted). https://datatracker.ietf.org/doc/draft-klrc-aiagent-auth/.
IETF draft setting out authentication and authorisation considerations for AI agents acting on behalf of users, building on OAuth 2.0 and related token mechanisms.
Why it matters for NETEVO
This draft is the most current published treatment of how to authenticate and authorise AI agents acting on behalf of users. The author list signals industry coverage: Defakto Security, AWS, Zscaler, Ping Identity and OpenAI — the operational surface NETEVO clients integrate against. The Agent Infrastructure Whitepaper Dimensions 1 (identity and scoping) and 2 (policy-as-code) are the architectural surfaces where this draft applies.
The draft references the OAuth 2.0 family RFCs (9068, 9700, 7523, 6749, 7591, 9728, 8414, 8693, 7662) and HTTP Message Signatures (RFC 9421). NETEVO clients with established OAuth investments can extend rather than replace; this is the path the draft articulates.
This is an individual submission, not Working-Group-adopted, so it carries no formal IETF standing. The klrc tag encodes author surnames Kasselman, Lombardo, Rosomakho and Campbell; Steele is the fifth author. NETEVO tracks the draft weekly and watches for the next revision and for Working-Group adoption.
Where NETEVO applies this
- Agent Infrastructure Whitepaper — load-bearing — Dimensions 1 and 2 (identity scoping plus policy-as-code)