New Draft: draft-dhir-http-agent-profile — HTTP Agent Profile (HAP) from Sanatkumar Dhir on 2025-11-25 (ietf-http-wg@w3.org from October to December 2025)

From: Sanatkumar Dhir <sd3824@columbia.edu>
Date: Mon, 24 Nov 2025 21:03:34 -0500
To: ietf-http-wg@w3.org
Cc: My Residence <skdhir@gmail.com>
Message-ID: <CAJEErCK6OmwBBzVHgvdnEzSFrFD=cXZOhgLfAJk0VW2v+hiSYA@mail.gmail.com>

Hello HTTPWG,

I'd like to announce a new individual Internet-Draft:

*“HTTP Agent Profile (HAP): Authenticated and Monetized Agent Traffic on
the Web”*
Datatracker: https://datatracker.ietf.org/doc/draft-dhir-http-agent-profile/
TXT: https://www.ietf.org/archive/id/draft-dhir-http-agent-profile-00.txt

The draft explores an increasingly relevant problem:
Autonomous agents (LLM-powered crawlers, assistants, bots) now consume a
significant portion of web traffic, yet HTTP lacks a standard way to
authenticate agents, distinguish them from humans, or express economic
requirements for large-scale agent access.

HAP proposes an HTTP-compatible profile that:

   -

   Uses *HTTP Message Signatures (RFC 9421)* for verifiable agent identity
   -

   Uses *Privacy Pass (RFC 9578)* to distinguish human vs agent traffic
   -

   Defines use of *HTTP 402* as a machine-readable payment/economic
   challenge mechanism

The goal is to start a structured discussion about whether and how HTTP
should evolve to support authenticated, accountable, and economically
aligned agent traffic.

Feedback of any kind is very welcome.

Best regards,
Sanat Dhir.
sdhir26@gsb.columbia.edu

Received on Wednesday, 26 November 2025 06:45:02 UTC