FRESH

Hacker News

Show HN: Agent Passport – OAuth-like identity verification for AI agents

13 points by samerismail

by infamousjoeg

1 subcomments

SPIFFE/SPIRE could work for the identity layer. The risk engine concept is cool. Would love to see that applied to machine identities that are working "on-behalf-of" humans.

by NickNaraghi

1 subcomments

by slj

1 subcomments

by spiffe

1 subcomments

Sorry, but to call a spade a spade, but this is a convoluted mess of faux-security without actually solving your problem statement.
Faux-security because there is no security - anyone that steals the jwt can impersonate the agent for the lifetime of the jwt - 60 minutes is an eternity.
Your solution does nothing to get to the bottom turtle, or most of the intermediate turtles.

by kai-agi

0 subcomment

by frk_ai_8b2e

0 subcomment