Should A2A optimize for anonymous discovery or authenticated partnerships?

[ericksonc]

A2A currently supports anonymous agent discovery - Agent Cards, dynamic capability negotiation, protocol versioning for unknown cross-vendor agents.
This introduces security risks and implementation complexity.

Proposal:
Remove these features and assume authenticated partnerships.

Benefits:
Security: No anonymous connections, all agents operate under explicit contracts
Simplicity: Remove Agent Card discovery, dynamic auth negotiation, protocol versioning
Clarity: Agents always know who they're talking to
Reality: Better matches actual usage patterns

Rationale:
5 months after protocol launch, there are zero publicly accessible A2A agents in existence. This conclusively demonstrates that anonymous agent discovery is not a real-world use case and the protocol should not optimize for it.

If all agent communication happens within:

• Same organization (internal agents)
• Pre-negotiated partnerships (contractual relationships)

Then anonymous discovery features are unused attack surface that should be removed.

Does this simplification align with the project's direction? Or are there public-facing agents I'm not aware of?