GoDaddy and HOL propose DNS standards for verifiable AI agent identity

By AI, Created 11:26 AM UTC, May 20, 2026, /AGP/ – GoDaddy and HOL published two draft specifications on May 7, 2026, to make AI agent identity easier to verify across DNS and decentralized environments. The proposals aim to give developers, security teams, and platforms a standard way to discover agents, confirm who they represent, and audit their history over time.

Why it matters: - AI agents are moving from experiments into production systems that act on behalf of users and businesses. - GoDaddy and HOL want shared identity and provenance standards that work across registries, tools, and platforms. - The drafts aim to reduce integration friction for developers building multi-agent systems and marketplaces. - The proposals also aim to strengthen reputation signals tied to real businesses and domains.

What happened: - GoDaddy and HOL published two draft specifications on May 7, 2026, in Majuro, Marshall Islands. - The drafts target verifiable AI agent identity across the open web and decentralized environments. - The proposals use DNS and public cryptographic records to create a more transparent foundation for AI agent identity. - The drafts are the ANS UAID profile, defined by HCS-14, and a Merkle tree checkpoint specification, defined by HCS-27.

The details: - The Universal Agent ID format gives AI agents a consistent identifier across web and decentralized environments. - The ANS profile standardizes how ANS-registered agents are discovered and interpreted using familiar internet infrastructure. - The DNS record exposes a pointer and minimal metadata. - The full Agent Card details are retrieved directly from the agent’s published endpoint. - The Agent Card provides protocol endpoints in a consistent structure. - Endpoints are deterministically bound to the expected domain. - Verification signals are surfaced in a consistent way for resolvers and brokers. - ANS agents can be discovered and used alongside agents from other ecosystems through shared resolution rules. - ANS remains a DNS-native identity system. - ANS transparency logs record identity lifecycle events such as registration, updates, and revocations. - Each point-in-time log state can be summarized as a Merkle tree root. - HCS-27 defines how to publish periodic Merkle root checkpoints to a public consensus network using typed consensus messages. - Only cryptographic commitments are published publicly. - Log entries, metadata, and proof bundles remain off-ledger. - Anyone can verify inclusion and ordering using standard Merkle proofs. - Consensus timestamps provide a public, immutable checkpoint history. - The design creates a verifiable audit trail for AI agent identity anchored to DNS. - Marketplaces, security teams, and downstream integrators can independently check the history without relying on the registry operator. - GoDaddy says ANS has been running in production since November 2025.

Between the lines: - The drafts try to use existing internet primitives instead of creating a closed identity stack. - The approach keeps public data minimal while making verification straightforward. - The architecture aligns with the IETF SCITT model for supply chain integrity, while HCS-27 adds a public verification channel SCITT does not define. - That combination suggests an effort to make AI agent identity portable across ecosystems without changing how agents are deployed today. - Scott Courtney, VP Engineering at GoDaddy, said the drafts let any resolver discover and verify ANS-registered agents through a standard interface, and let anyone audit the registry’s history without trusting a single operator. - Michael Kantor, president at HOL, said the ANS profile and Merkle checkpoints make it easier for the ecosystem to verify agent identity and provenance using widely understood cryptographic methods.

What’s next: - GoDaddy and HOL are sharing both specifications as drafts for review and feedback. - Developers, registry operators, security teams, and ecosystem contributors are invited to help refine the standards. - Early implementations could follow as the proposals move toward broader adoption.

The bottom line: - GoDaddy and HOL are trying to give AI agents a DNS-based identity layer that is easier to verify, easier to audit, and more interoperable across the open web.