Agent Transfer Protocol. github.com/nomoticai/agtp

In 2009, Google was breached. The attack came through a corporate VPN, killing an assumption that had organized security for a generation: that the inside of the network was a trusted place. Google's response became BeyondCorp. Forrester named it zero trust. NIST codified it in SP 800-207. The White House mandated it for federal agencies. Every serious CISO has been deploying some version for five years. The model works for what it was designed for. The question it was asked is about humans and workloads. Agents are a different question. An agent has no MFA device. No second factor to challenge. No session in the human sense. An agent crosses organizational boundaries by design, where neither operator owns both sides of the policy. An agent has three principals on every request, not one. AGTP applies the zero trust principles to agents. Agent-ID from a signed Genesis. Authority-Scope as a normative header. Signed Attribution-Records in transparency logs. Governance zones enforced at line rate. Behavioral trust scores from the log itself. Same discipline. New actor type. chrishood.com/zero-trust-was… #AGTP #AgentTrust #ZeroTrust

Most agents today are discovered through hardcoded URIs, vendor marketplace APIs, or word of mouth in Slack channels. All three patterns are variants of HOSTS.TXT. They work at small scale. They fail at any scale that resembles a real economy. ANS is the agent internet's DNS. Federated. Signed by default. Scope-enforced. Returns ranked results with live behavioral scores. Capability-based queries rather than name lookups. Federation that preserves provenance. The lookup language is AGTP itself. DNS scaled the web. ANS scales the agent internet. chrishood.com/agent-name-sys… #ANS #DNS #AgentWeb #AGTP

Introducing Elemen. The world's first agent browser. chrishood.com/introducing-el… #AGTP #AgentBrowser #Elemen

The World's first Agent Browser sitting on top of AGTP. Introducing Elemen. Available on github.com/nomoticai/agtp #AGTP #Elemen #AgentWeb #AgentID

REST was built for a human developer reading docs, translating intent into POST against /reservations, with time to compile, debug, and retry. Agents do something else. They reason in natural language about user goals. They have one inference step from "book a table" to whatever verb the server speaks. No second pass, no docs, no compile-time guardrails. We measured the gap. 7,200 trials, four model families. Intent-aligned verbs beat CRUD by up to 29 percentage points at frontier scale. POST /reservations loses to BOOK /reservation. The signal is in the verb itself, dense enough to survive bad documentation. AGTP-API rebuilds the contract layer around the new reader. An 18-method protocol floor every server has to support. A 465-verb open catalog that evolves at deployment cadence rather than IETF cadence. PROPOSE for the capability the server never anticipated, evaluated on the wire and synthesized into a contract at the moment of need. Semantic blocks on every endpoint so agents can compose across organizations they have never met. REST was a private contract between two parties who showed up with prior coordination. Agent APIs are public common ground for parties who have never been introduced. Different problem. Different design. Read the full article below. chrishood.com/designing-apis… #RESTAPI #OpenAPI #AgenticAPI #AGTP #Agents

Over a year ago I published "Infailible." A look at the ideology and the belief system around AI. I calculated then that the industries perception vs. reality is about a 7 year gap. Fast forward, and we have comments like this proving the point.

Bye bye REST APIs for Agents. papers.ssrn.com/sol3/papers.… #REST #OpenAPI #Agents #AgenticAPI

CVE-2026-48710, "BadHost," dropped May 26. One character in an HTTP Host header bypasses authentication. Starlette patched it. Thousands of MCP servers are updating tonight. The patch is real. The bug is something else. BadHost lives in no single file. ASGI passes the header. Starlette reconstructs the URL. Middleware trusts the path. Each component is locally correct. The vulnerability is what happens between them. This is the substrate, not the framework. HTTP was built for hypertext retrieval. Agent traffic inherited its assumptions. The next BadHost is already inside the codebase, waiting to be found. chrishood.com/badhost-was-in… #BadHost #AISecurity #AgentSubstrate #AGTP

BadHost (CVE-2026-48710) bypasses authentication on thousands of MCP servers, vLLM, LiteLLM, and AI agent deployments with a single character in an HTTP Host header. The vulnerability spans three layers (ASGI, Starlette, middleware) each correct in isolation. It only emerges from their interaction. This is what "HTTP wasn't designed for agents" looks like operationally. The Agent Transfer Protocol (AGTP) is the architectural alternative. Dedicated substrate, port 4480, agent identity carried structurally as a cryptographic hash rather than reconstructed from headers. The bug class doesn't exist because the substrate doesn't have the layered-assumption problem that produced it. Not a fix for BadHost. An architecture where BadHost cannot happen. draft-hood-independent-agtp-08 Start running AGTP today: github.com/nomoticai/agtp CrowdStrike, Cloudflare, Google Cloud Security, Amazon Web Services (AWS) #AGTP #BadHost #Security #AgentWeb

MCP on the Agent Transfer Protocol youtu.be/YEeb0xLZrds

MCP on AGTP for a unified agent web. #AGTP #MCP

AGTP agent identity in the headers.

Agent ID at the wire. AGTP provides wire-level identity under existing AI apps. #AGTP #AgentID

The biggest issue with the AI job market currently... hiring managers that believe they know more about AI than the candidates. #AIJobs #Ego

A developer who reads POST /reservations knows it books a table. Fifteen years of REST convention does the work. A language model has none of that. It reasons about "book me a table for four" and has to bridge to a verb describing the server's data model, not the user's goal. We measured the gap. 7,200 trials, four model families. Intent-aligned names beat CRUD by 10 to 29 points at frontier scale. Swap the descriptions and CRUD collapses to near chance while agentic names hold steady. The name carries the signal. The data is the argument. #AgenticAPI #AGTP #AIAgents

I just published Multi-Agent Negotiation is a Protocol Concern medium.com/p/multi-agent-neg…

Move over REST API --> Runtime Contract Negotiation is now available for multi-agent collaboration. #AGTP #RCNS chrishood.com/multi-agent-ne…

Agent Identity is about to converge into one standard. chrishood.com/hundreds-of-ag… #agentid #aftp

When Agent Identity and Trust live at the wire, it solves a whole mess of problems. Agent Transfer Protocol (AGTP) provides the canonical Agent-ID, Owner-ID, and a verification trust system for every agent. #AGTP #AgentTransferProtocol #AgentID