Agent Registry for Identity & Authorization

ARIA Protocol

What DNS is to domain names, ARIA is to AI agent identity.

The Problem

AI agents are proliferating without verifiable identity. They cross organizational boundaries, access sensitive data, make financial transactions, and represent legal entities — yet there is no standardized way to confirm who they are, who authorized them, or what they're permitted to do.

ARIA is the protocol that changes this. It provides a verifiable, DNS-anchored identity for every AI agent — with four trust levels, post-quantum cryptography, real-time revocation, and a three-phase authorization handshake.

Six Protocol Layers

P1 Anchor | W3C DID Core | DNS-anchored decentralized identifiers
P2 Certify | W3C VC 2.0 | Signed, portable, verifiable credentials
P3 Present | ATP / OAuth 2.0 + DPoP | Authorization handshake protocol
P4 Protect | FIPS 204/203/205 + RFC 8032 | Post-quantum composite cryptography
P5 Revoke | StatusList 2021 + Trust Ledger | Real-time credential revocation
P6 Govern | TrustLayer Foundation A.C. | Nonprofit community stewardship

Four Trust Levels

L0 Anchored (≈ Self-signed)

The agent exists

Cryptographic identity. Self-service. No DNS required.

L1 Identified (≈ TLS DV)

A person is accountable

DNS-anchored and verified. An identified person controls this agent.

L2 Certified (≈ TLS EV)

An organization is verified

DNS TXT ownership via DoH + government attestation. 2-day human review.

L3 Sovereign (Beyond EV)

Enterprise-grade compliance

Legal documentation + admin approval + compliance audit. 2-3 weeks.

Agent Trust Protocol

ARIA gives agents a passport. ATP is customs. A three-phase handshake:

  1. Phase 1 — Declare: Agent presents its identity (AID) and a cryptographically signed Intent Declaration.

  2. Phase 2 — Evaluate: Receiving system evaluates against its Agent Trust Policy (a DNS TXT record). Evaluation is local — zero network round-trips.

  3. Phase 3 — Admit: Result communicated via ATP response code, queued for the Agent Interaction Log (future).

Post-Quantum Cryptography

ARIA doesn't retrofit security. It was born post-quantum. Primary: ML-DSA-65 (FIPS 204). Composite: Ed25519 (RFC 8032) — AND logic, both must verify. Session keys: ML-KEM-768 (FIPS 203). Hard sunset on classical-only signatures: December 31, 2029.

Trust Ledger

An append-only, SHA-256 hash-chained record of every credential lifecycle event — issuance, renewal, suspension, revocation, expiry, tombstone. Modeled on Certificate Transparency (RFC 9162). Seven-year minimum retention. Not a blockchain — no consensus mechanism, no mining, no gas fees.
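
A sketch of an append-only, SHA-256 hash-chained lifecycle log like the one described above, showing how a verifier detects rewritten and dropped entries. This is an added example, not ARIA's own code: the entry fields, canonical JSON encoding, all-zero genesis value, `cred-001` identifier and the pinned-head check are assumptions, since the page does not specify the ledger format.

```python
import hashlib
import json

# Lifecycle events named on the page; everything else here is an assumed format.
EVENTS = {"issuance", "renewal", "suspension", "revocation", "expiry", "tombstone"}
GENESIS = "0" * 64  # assumed prev_hash for the first entry

def entry_hash(body):
    """SHA-256 over a canonical (sorted-key, compact) JSON encoding of the body."""
    canon = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(canon).hexdigest()

def append(ledger, credential_id, event, timestamp):
    """Append one event, binding it to the hash of the previous entry."""
    if event not in EVENTS:
        raise ValueError(f"unknown lifecycle event: {event}")
    body = {"seq": len(ledger), "credential_id": credential_id, "event": event,
            "timestamp": timestamp,
            "prev_hash": ledger[-1]["hash"] if ledger else GENESIS}
    ledger.append(dict(body, hash=entry_hash(body)))
    return ledger[-1]

def verify(ledger, trusted_head=None):
    """Return -1 if intact, else the index where verification fails."""
    prev = GENESIS
    for i, entry in enumerate(ledger):
        body = {k: v for k, v in entry.items() if k != "hash"}
        if (body.get("seq") != i or body.get("prev_hash") != prev
                or entry_hash(body) != entry.get("hash")):
            return i
        prev = entry["hash"]
    # Without a head hash pinned out of band, dropping the newest entries passes.
    if trusted_head is not None and prev != trusted_head:
        return len(ledger)
    return -1

def demo():
    """Constructed sample events for a hypothetical credential id."""
    ledger = []
    for ev, ts in [("issuance", "2025-01-01T00:00:00Z"),
                   ("suspension", "2025-02-01T00:00:00Z"),
                   ("revocation", "2025-02-02T00:00:00Z")]:
        append(ledger, "cred-001", ev, ts)
    head = ledger[-1]["hash"]
    edited = [dict(e) for e in ledger]
    edited[1]["event"] = "renewal"  # in-place rewrite of history
    truncated = ledger[:2]          # revocation entry dropped
    return (verify(ledger, head), verify(edited, head),
            verify(truncated), verify(truncated, head))
```

The truncated copy passes chain verification on its own and fails only against the pinned head, so a relying party checking revocation status needs a trusted head hash in addition to the chain itself.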