Agentic ID? Vint Cerf Joins Project To Give Every AI Agent A Durable Identifier

1 hour ago 2
 who are they? What are they doing? Are they legit and aboveboard?

AI agents are getting more and more popular. As they do, the question becomes: who are they? What are they doing? Are they legit and aboveboard?

NurPhoto via Getty Images

AI agents are getting big. DoorDash just released a command-line interface (CLI) so agents can order food – presumably not for themselves. Adobe just told me it’ll be adding agentic commerce features to its massive Adobe Commerce platform, used by brands like Coca-Cola and Major League Baseball. But there’s a problem: agents are anonymous.

Maybe not anymore.

Vint Cerf, who helped build the plumbing that the internet runs on, is joining a project to provide an "accountability anchor" for AI agents. If it works and gets adopted, internet infrastructure could be able to query agents about their identity, enabling development of an agentic trust layer.

"The internet has always evolved by addressing foundational infrastructure challenges before they became systemic constraints," said Vint Cerf, who co-designed the TCP/IP protocols that underpin the modern internet. “AI agents are driving the next major architectural evolution, and questions of identity, accountability, and interoperability require the same thoughtful architectural approach that enabled the internet to scale. I look forward to helping shape that work.”

AI agents are quickly graduating from research demos to real economic actors that book, buy, and transact on our behalf.

On July 15, the same day the Cerf news broke, DoorDash quietly opened a limited beta of dd-cli, a command-line tool that lets developers and AI agents search stores, build carts and place real food orders. That means you can literally talk to your agent, ask it to order a pizza – and presumably pay using your DoorDash wallet – and go back to whatever you were doing until it arrives at your door. That’s going to be connected to your account, but tens of millions of OpenClaw agents and NanoClaw agents roam the web for research and other purposes, with no other identity or verification than their IP address.

In an era not lacking bad actors, that’s a problem.

As agents begin acting across companies, clouds, governments and critical infrastructure, there's still no durable identity layer that establishes who stands behind a given autonomous agent. If an agent misbehaves, floods a system, or takes an unauthorized action, the organization on the receiving end often has no reliable way to determine who is responsible for it.

The project to solve that problem, launched by Bellevue, Washington based Innovation Labs, is DNSid: an open framework that would anchor durable identity for AI agents to the existing Domain Name System. That’s the decades-old technology that lets your browser deliver a website to your computer or phone without you having to know a long and complicated internet protocol (IP) address. In June, Innovation Labs submitted an Internet-Draft to the Internet Engineering Task Force (IETF), the standards body that has governed core Internet protocols for decades. The pitch is unglamorous: rather than invent a new trust system from scratch, the company is looking to build accountability on infrastructure that already works at global scale, then evolve it later via open standards.

Cerf’s involvement lends the effort considerable weight. Without his work, we wouldn’t have the modern internet, or at least have it in a different form. Other members of the DNSid advisory council include leaders from Internet infrastructure, cybersecurity, national security and finance.

There’s an important distinction to be made, however.

Identity is not the same as trust. DNSid isn’t designed to decide which agents are trustworthy or which are authorized to act. It's designed to establish who is accountable, leaving enterprises, security teams, regulators and courts to make their own judgments from there.

In other words, it’s a foundation layer, not a gatekeeper. It’s a license plate, not a background check.

Whether the industry adopts it is the next question, of course. The leading AI labs will be central to any real solution, but Innovation Labs is suggesting that no single company should get to define how accountability works for everyone else, and that the open-standards model that scaled the Internet is the right template for scaling AI.

I asked Allie Kline, Interim CEO of Innovation Labs, for more details:

John Koetsier: Why do agents need identity?

Allie Kline: Today, organizations generally know who is responsible for the AI agents running inside their own environments. The challenge we need to prepare for is when agents increasingly operate across organizations, platforms, and services.

As AI agents begin crossing organizational boundaries, accountability must move with them. Organizations need a common way to identify who is responsible for an agent and its actions, regardless of where it operates.

That's what will allow AI to scale responsibly. It's not about replacing the controls that exist today. It's about adding a layer of accountability beneath today's controls so they're ready for the way AI is evolving.

John Koetsier: Why DNS?

Allie Kline: Because DNS is one of the few systems that already works across organizational boundaries. Independent organizations can recognize the same identifier without needing a direct relationship with one another. That's exactly the kind of foundation AI accountability requires.

Rather than creating a new foundation, we're building on one that already operates at global scale. That allows organizations to add a common layer of accountability today while continuing to evolve it through open standards.

John Koetsier: What's broken today?

Allie Kline: Today, most organizations have effective ways to manage the AI agents operating inside their own environments. As organizations expand the role of AI, those agents will increasingly operate beyond their own walls.

That's where a new challenge emerges. Organizations need a common way to recognize who is responsible for an AI agent, regardless of where it operates.

This isn't about replacing what's working today. It's about extending accountability to support the next generation of AI deployments.

John Koetsier: How would this stop an AI disaster?

Allie Kline: No technology can guarantee that an incident will never happen. What it can do is ensure organizations aren't responding blindly.

If you can't identify an AI agent or the organization responsible for it, you can't isolate it, revoke it, investigate what happened, or establish accountability.

When organizations know actions can be traced back to the responsible entity, they have greater confidence deploying AI at scale.

John Koetsier: Can criminals simply opt out?

Allie Kline: People and organizations can always choose not to participate in a standard. The value of a broadly adopted standard is that systems can recognize that absence.

As AI becomes more interconnected, organizations will increasingly expect to know who is responsible for an AI agent before allowing it to access systems or take action on their behalf.

Over time, the inability to verify who is responsible for an AI agent should become a clear risk signal rather than an invisible condition.

John Koetsier: Who decides who's legitimate?

Allie Kline: DNSid does not decide whether an agent or its owner is trustworthy. It establishes who is accountable. That gives counterparties the information they need to make trust decisions.

Enterprises apply their own policies. Security teams evaluate risk. Regulators enforce applicable requirements. Courts determine liability. Identity establishes accountability. It does not confer trust. Legitimacy and authorization remain decisions for the relevant institution and context.

John Koetsier: Why should developers care?

Allie Kline: The best standards disappear into the background. Developers shouldn't have to build a different accountability integration for every AI platform. A common standard lets them build once, interoperate everywhere, and focus on building great AI instead of rebuilding the same infrastructure over and over again.

John Koetsier: Will the big AI labs adopt it?

Allie Kline: The leading AI companies are an important part of the solution, but no single company should define how accountability works for everyone else.

The technologies that have enabled the Internet to scale have been built on open standards that anyone can implement. Accountability for AI should follow the same model.

Our goal isn't for DNSid to become a proprietary technology. It's to help establish an open standard that any platform, cloud, or developer can support.

John Koetsier: What's the biggest misconception about AI identity?

Allie Kline: I think the biggest misconception is that AI accountability is primarily an internal challenge. For most organizations today, it is.

The challenge changes as organizations expand the role of AI beyond their own walls. Agents will increasingly interact with customers, partners, suppliers, and other AI agents. That's when accountability has to move with the agent.

It's not because today's controls stop working. It's because they're being asked to support a fundamentally different operating model.

John Koetsier: What made Vint Cerf say yes?

Allie Kline: Vint has spent his career helping build the Internet's foundational protocols. He recognizes that AI agents are creating another architectural moment where open standards matter more than proprietary solutions.

He has said publicly that questions of identity, authority, accountability, and trust for AI agents are becoming fundamental Internet challenges.

That's exactly the problem we're working to solve.

John Koetsier: Thank you.

Read Entire Article