Proposal: agent-governance-vocabulary — canonical naming layer over existing specs
Contribution bar (read before commenting)
This thread moves fast. To keep signal high:
- Artifact, not description. Open a PR with a working crosswalk/<system>.yaml file. Comments proposing a crosswalk without the file attached will be acknowledged but not treated as contributions until the PR exists.
- Field-level mappings against verifiable specs or live endpoints. Each canonical term you claim to map needs a concrete source: a spec section, an I-D number, a JWKS URL, a live API response. "We have something like this" is not enough.
- Explicit no_mapping for honest gaps. If your system genuinely diverges from a canonical term, document the divergence as no_mapping with rationale. Forced mappings hide exactly the differences the vocabulary layer is supposed to surface.
Repo: https://github.com/aeoess/agent-governance-vocabulary
Problem
Six governance implementations (APS, AgentNexus, MolTrust, AgentID, qntm, SINT) are converging structurally on the same primitives but using different names for the same things. The qntm#7 Authority Constraints thread has a 6-system table showing this directly. Same issue across crewAI#4560 (physical constraints), A2A#1717 (governance metadata), x402#1777 (identity resolution), insumer-examples#1 (multi-attestation).
A consumer trying to cross-verify signals across implementations has to learn every vocabulary separately. That's not sustainable as the ecosystem grows past 10 systems.
Non-solution: force everyone to rename internal code
Each implementation has years of internal APIs, SDKs in production, documentation, and existing users. Renaming breaks all of that. The proposal is NOT to force convergence on internal names.
Proposal: a naming layer that sits over existing specs
A canonical vocabulary repository (aeoess/agent-governance-vocabulary) containing:
- vocabulary.yaml — canonical names for the ~50 things every governance system has. Endpoints, fields, signals, decisions, constraints. Human-readable, versioned, namespaced.
- crosswalk/ — one YAML per implementation mapping its internal names to the canonical vocabulary. APS publishes crosswalk/aps.yaml, AgentNexus publishes crosswalk/agentnexus.yaml, etc.
- context.jsonld — JSON-LD @context so any JSON-LD-aware consumer can resolve canonical terms programmatically.
- examples/ — worked cross-system requests/responses using canonical names, proving the crosswalk roundtrips.
Prior art this is modeled after
- IANA JWT claim registry — canonical names (iss, sub, aud, exp) with implementation-specific extensions
- JSON-LD @context — decentralized term mapping via IRIs
- W3C DID Core method registry — each DID method publishes its own spec, canonical resolution patterns apply across
- CACAO (CAIP-74) — chain-agnostic capability object, exactly this pattern for cross-chain
What this is NOT
- Not yet-another-spec competing with existing ones
- Not a requirement to rename internal code
- Not a centralized authority — the vocabulary is proposed, the crosswalks are contributed by each implementation
- Not a replacement for implementation-level specs (APS, AgentNexus, qntm AAE, etc. all remain as-is)
Starter canonical vocabulary (draft v0)
Endpoints:
validate_capabilities — evaluate an agent's requested action against its active authorization
resolve_identity — resolve a DID to its verification key material
verify_attestation — verify a signed attestation against an issuer's JWKS
check_revocation — check whether a credential has been revoked
issue_credential — produce a signed attestation or delegation
get_trust_profile — retrieve an agent's trust signals
Envelope fields:
agent_did — the agent being described
issuer_did — the party making the attestation
delegation_chain_hash — content-addressable identifier for the authorization chain
active_constraints — the live constraint set governing the agent's actions
scope — permitted action classes
spend_limit — budget ceiling
validity_window — {not_before, not_after}
wallet_binding — cryptographic binding to a specific wallet
attestation_timestamp — when the attestation was produced
expires_at — when the attestation becomes stale
signature_alg — cryptographic algorithm
canonicalization — serialization rule (JCS, etc.)
Signal types:
governance_attestation — signed decision about whether an action is authorized
identity_proof — signed proof of DID ownership
behavioral_fingerprint — signed summary of behavioral patterns
wallet_state — signed wallet binding + state
compliance_credential — signed regulatory conformance evidence
reputation_score — signed aggregate trust signal
Decisions:
permit — action proceeds unconditionally
deny — action blocked
conditional — action proceeds with additional constraints
defer — decision delayed pending additional evidence
step_up — action requires elevated authentication
Constraints:
retention_permitted — may the agent retain observed data
derivation_classes — what kinds of derivations are allowed
max_delegation_depth — how many hops the authority chain can extend
reversibility_ceiling — upper bound on action irreversibility
trust_floor — minimum trust score required
How this composes with qntm#7 Authority Constraints WG scope
The 6-system table I posted there is already a crosswalk in narrative form. Formalizing it as YAML + JSON-LD context gives the WG a concrete deliverable: each system contributes its crosswalk, the canonical vocabulary emerges from the overlap, and the interop layer (envelope + decision artifact from qntm#7) sits on top of the vocabulary layer.
Next steps
- Open aeoess/agent-governance-vocabulary as public repo with the v0 vocabulary above
- Publish crosswalk/aps.yaml as the first contributor crosswalk
- Invite AgentID (Harold), AgentNexus (Kevin), MolTrust (MoltyCel), SINT (pshkv), qntm (vessenes), Signet (NicholaiVogel), ScopeBlind (tomjwxf), and Cedar implementations to contribute their crosswalks
- Cross-link from qntm#7 as the concrete deliverable for the Authority Constraints WG scope
- After 3 crosswalks land, publish an examples/ directory with worked cross-system request/response pairs proving the roundtrip
This is a low-cost, high-leverage coordination mechanism. Nobody has to rename anything. The ecosystem gets a shared reference that grows incrementally with each contribution.
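Added illustration, not part of the proposal or the repository: a checker for the contribution bar (every mapping has a source, every gap is an explicit no_mapping with rationale) plus the roundtrip the examples/ directory is meant to prove. The crosswalk layout (mappings, internal, source, rationale), the examplesys system and its field names are assumptions; the proposal does not define the file schema.

```python
# Added example. The crosswalk layout and the "examplesys" names are assumptions.
CANONICAL = {"agent_did", "issuer_did", "scope", "spend_limit",
             "expires_at", "max_delegation_depth", "trust_floor"}  # subset of draft v0

CROSSWALK = {  # constructed crosswalk for a hypothetical system
    "system": "examplesys",
    "mappings": {
        "agent_did": {"internal": "subject", "source": "spec section (placeholder)"},
        "issuer_did": {"internal": "signer", "source": "spec section (placeholder)"},
        "scope": {"internal": "allowed_actions", "source": "spec section (placeholder)"},
        "expires_at": {"internal": "ttl_end", "source": "spec section (placeholder)"},
        "trust_floor": {"no_mapping": True, "rationale": "no numeric trust score"},
    },
}

def validate_crosswalk(cw, canonical=CANONICAL):
    """Return a list of problems; an empty list means the file meets the bar."""
    problems, owner = [], {}
    for term, entry in cw.get("mappings", {}).items():
        if term not in canonical:
            problems.append(f"{term}: not a canonical term")
        elif entry.get("no_mapping"):
            if not entry.get("rationale"):
                problems.append(f"{term}: no_mapping without rationale")
        else:
            internal = entry.get("internal")
            if not internal:
                problems.append(f"{term}: missing internal name")
            elif internal in owner:  # one field feeding two terms is ambiguous
                problems.append(f"{term}: {internal!r} already maps to {owner[internal]}")
            else:
                owner[internal] = term
            if not entry.get("source"):
                problems.append(f"{term}: mapping has no source")
    return problems

def to_canonical(cw, record):
    """Rename internal fields; report unmapped ones instead of dropping them."""
    rename = {e["internal"]: t for t, e in cw["mappings"].items() if e.get("internal")}
    out = {rename[k]: v for k, v in record.items() if k in rename}
    return out, sorted(k for k in record if k not in rename)

def to_internal(cw, record):
    """Inverse of to_canonical, used to check that the crosswalk roundtrips."""
    rename = {t: e["internal"] for t, e in cw["mappings"].items() if e.get("internal")}
    return {rename[k]: v for k, v in record.items() if k in rename}
```

Returning the unmapped field names matters to a verifier: a constraint field that is silently dropped in translation makes an authorization look broader than the issuing system intended.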