The Linux Foundation has declared its intent to launch the Agent Name Service (ANS), an open standard that gives AI agents verifiable identities by tying them to the internet’s domain name system (DNS).

The idea behind ANS has actually been around for a while. It began as a research paper published in May 2025 by the OWASP GenAI Security Project, written by a group of application-security researchers. Its authors include Ken Huang, the CEO of security consultancy DistributedApps.ai and a co-author of the widely cited OWASP Top 10 for LLM Applications, and Akram Sheriff, an AI security engineer at Cisco.

ANS is a bit of a redesign of the original idea, which has gone through a few iterations since it was published. The 2025 original described ANS as a “universal directory” — basically a central registry with naming borrowed from DNS. A second version, published as an individual draft at the Internet Engineering Task Force in April, takes this a step further and ties each agent to a real domain its operator already controls.

How It Would Work

The design essentially copies how websites already prove who they are today. An operator demonstrates control of a domain like example.com through ACME, the automated protocol behind Let’s Encrypt, and a registration authority issues the agent a pair of certificates. Every change to the agent’s status — from registration to renewal to revocation — is written to an append-only log. A client checking an agent can choose how much assurance it wants, from a basic certificate check to a tier that also consults the log.

The ANS system separates identity from discovery and hands the job of finding agents to other services built on top.

The DNS Industry and AI Agents

Discovery is handled by DNS-AID, a separate discovery standard the foundation took in on May 27. It lets agents publish their endpoints as DNS records so other agents can find them. DNS-AID was originally built by Infoblox, and GoDaddy — which is also involved in ANS — is among its backers.

Agent identity and discovery projects based on DNS aren’t limited to these two Linux Foundation projects. Including those two, there are now at least four similar proposals. There is DNSid, a durable-identity scheme from registry operator Identity Digital, and AID, a minimal discovery draft that came out of the developer community.

Vineeth Sai Narajala, a co-author of ANS now with OWASP, said in the announcement: “We didn’t need to reinvent the wheel, we needed to extend the foundational trust of the internet to a new generation of autonomous technology.”

Not reinventing the wheel also means basing this system on the registrars and certificate authorities that come with it and the trust hierarchy they built — which security researchers have long considered fragile.

It may be no surprise that many agent identity and discovery solutions are coming out of the domain industry. GoDaddy registers domains, Identity Digital operates top-level domains, and Infoblox sells DNS infrastructure. For all of them, DNS-linked agent identity and discovery extends a profitable business they already run.

What About A2A and Competing Standards?

The Linux Foundation is playing host to several alternative systems. Google’s A2A protocol gives agents a signed “Agent Card” they can publish at a known web address, with an agent registry on its roadmap. Cisco’s AGNTCY ships an agent directory and its own cryptographic identity service. Outside the foundation, Microsoft’s Entra Agent ID and Okta for AI Agents — both generally available since spring — treat an agent as an identity managed inside the corporate directory, with short-lived tokens that tie each action back to the person who authorized it.

While Cisco is backing both ANS and AGNTCY, some major players are notably absent, including Google, Anthropic, Microsoft, and Amazon. Given their outsized role in the agent ecosystem, whether they join this effort or pursue their own standards remains an open question — one that will significantly shape how AI agent identity gets resolved across the industry.