DNS-AID, launched by the Linux Foundation on May 27 2026, is a standards-track agent discovery layer built on SVCB, TXT, TLSA, DNS-SD, DNSSEC, and DANE. It composes with W3C DID and A2A Agent Cards.
Published 2026-05-28 · Last reviewed 2026-05-28
The Linux Foundation announced DNS-AID on May 27, 2026, a project that positions DNS as the global, vendor-neutral directory for AI agent discovery. The launch ships with an IETF draft (draft-mozleywilliams-dnsop-dnsaid-01), a reference implementation at dns-aid/dns-aid-core with a Python SDK, CLI, and MCP server, and an initial supporter list that includes Cloudflare, CSC, Equinix, GoDaddy, Indeed, Infoblox, Internet Systems Consortium, and WWT.
The headline is straightforward. Discovery, the question of how one agent finds another, is moving from app-store-style listings toward open infrastructure. The choice DNS-AID makes is to reuse what already works at internet scale. Rather than minting new DNS record types or proposing a new resolver, the spec layers on top of SVCB, TXT, TLSA, DNS-SD, DNSSEC, and DANE. If a DNS provider supports those records today, an agent can publish a discovery entry today.
For a builder shipping in 2026, DNS-AID adds another complementary primitive to the agent identity and discovery stack that already includes A2A Agent Cards, W3C DID, ERC-8004 plus ENSIP-25, Coinbase x402, and World AgentKit. It does not replace any of them. It answers a specific question, where on the open internet does this agent live and what protocols does it speak, and stops there. The trust and human-readable layers continue to live above.
What the Linux Foundation actually launched
The Linux Foundation press release positions DNS-AID as “a decentralized alternative to centralized registries and hardcoded URLs.” The contents back that up.
Three concrete deliverables shipped on May 27.
The first is the IETF draft, “DNS for AI Discovery” (draft-mozleywilliams-dnsop-dnsaid-01, informally referenced inside the working group as BANDAID, for Brokered Agent Network for DNS AI Discovery), filed with the IETF DNS Operations working group. It is co-authored by Jim Mozley and Nic Williams of Infoblox along with Behcet Sarikaya and Ralf Schott of Deutsche Telekom. The draft defines a structured DNS namespace pattern (_agents.example.com as the well-known entry point, with sub-labels like _a2a._agents.example.com, _chat._agents.example.com, and _index._agents.example.com for protocol- and service-specific entries) and a record usage model for capability advertisement and protocol selection. It is a draft, not a published RFC, and it sits in the working group’s standards-track queue. Like every IETF draft, the wire format can shift before the working group converges, so the spec carries the usual disclaimer for early adopters.
The second is dns-aid/dns-aid-core on GitHub, a reference implementation with a Python SDK, a CLI for publishing and resolving entries, and an MCP server that turns DNS-AID into a tool any Model Context Protocol client can call. Topics tagged on the repo: a2a, agent-discovery, ai-agents, mcp, dnssec, ietf, and linux-foundation. The composition with adjacent specs is signaled at the topic level, not just in the README. A builder who already runs MCP gets a DNS-AID resolver as a callable tool without writing new code.
The third is the supporter list. Initial backers named in the announcement: Cloudflare, CSC, Equinix, GoDaddy, Indeed, Infoblox, Internet Systems Consortium, and WWT. The mix is intentional. Cloudflare, Equinix, and Internet Systems Consortium are infrastructure operators with DNS in their default stack. GoDaddy and CSC are registrars. Infoblox is enterprise DNS and also the initial developer of the project (the IETF draft is co-authored from inside Infoblox). Indeed is the outlier and signals demand-side interest from a hiring marketplace, which fits the broader pattern of B2B platforms preparing for an era when agents do real work on behalf of humans.
The framing the Linux Foundation chose in the announcement is worth quoting because it sets the scope. CEO Jim Zemlin: “AI agents are quickly becoming the connective tissue of the modern internet, but without secure, open discovery infrastructure, that connectivity becomes a liability.” Cloudflare CTO Dane Knecht: “By extending this proven architecture to the agentic web, DNS-AID provides the foundational routing layer that autonomous systems need.” Neither claim extends DNS-AID past the discovery layer.
What the announcement does not claim is just as important. DNS-AID is not framed as a replacement for A2A, MCP, or x402. The position is composition: agents already discover each other in several ways, and DNS-AID adds a vendor-neutral substrate underneath those discovery flows.
How DNS-AID composes existing DNS primitives
The technical move is what makes the spec credible. DNS-AID does not introduce new DNS record types. It reuses six existing primitives in a defined pattern.
SVCB and HTTPS records (RFC 9460) carry service-binding information: where the agent’s API or A2A endpoint lives, what protocols it speaks (HTTP/2, HTTP/3, gRPC), and which alpn values to negotiate. SVCB is the modern replacement for SRV and was designed for exactly this kind of service-pointer use.
TXT records carry capability metadata: protocol versions supported, agent type, public key references, links to an A2A Agent Card URL or a DID. The IETF draft defines a key=value format scoped to DNS-AID so multiple specs can coexist in the same TXT record set without colliding.
TLSA and DANE (RFC 6698) anchor the agent’s TLS certificate to the DNS entry. A resolver that fetches the agent’s endpoint can verify the certificate against the TLSA record in DNS, which means trust does not have to bottom out at the public CA system. This is the same pattern that already works for SMTP over DANE.
DNS-SD (RFC 6763) provides the service-discovery enumeration layer. A resolver can enumerate all agents published under a domain, with optional filtering by service type or capability tag.
DNSSEC signs the entries so a resolver can verify the agent advertisement came from the holder of the zone signing key and has not been modified. Without DNSSEC, a DNS-AID entry is a plain hint; with DNSSEC, it is a cryptographically attested hint.
The composition matters because each primitive already has working code, deployed validation paths, and a registrar ecosystem. A builder who publishes a DNS-AID entry today is using infrastructure that has been hardened over twenty-plus years. The risk surface is the configuration, not the substrate.
Reading an example entry helps. A simplified record set for an agent at atlas.example.com looks roughly like:
_agents.example.com. IN SVCB 1 atlas.example.com. alpn="h2" port=443
_a2a._agents.example.com. IN TXT "dns-aid=1; type=a2a; card=https://example.com/.well-known/agent.json; did=did:web:example.com:agents:atlas"
_443._tcp.atlas.example.com. IN TLSA 3 1 1 <hash>
example.com. IN DNSKEY <key>Four record types, one logical entry. A resolver chains SVCB for endpoint and protocol, TXT under a service-scoped leaf (_a2a._agents.example.com) for capability metadata and pointers to the Agent Card and DID, TLSA for certificate pinning, and DNSSEC for issuance attestation. None of this is new DNS surface. What is new is the convention.
A subtle composition detail is worth flagging for builders: the reference implementation at dns-aid/dns-aid-core already auto-detects whether the resolved .well-known/agent.json is a DNS-AID native payload (carrying an aid_version key) or a plain A2A Agent Card. That single design choice is what makes the spec safe to deploy alongside an existing A2A Agent Card without rewriting either.
Where DNS-AID sits in the 2026 agent identity stack
By May 2026 the agent identity and discovery stack has five complementary primitives plus DNS-AID as a candidate sixth. Each solves a different slice.
A2A v1.2 Agent Card (Linux Foundation governance, current stable since late April 2026 per Google Cloud Next; Signed Agent Cards introduced in the v1.0 release April 9, 2026) lives at a well-known URL on the agent’s domain and declares identity, skills, capabilities, modes, and security schemes in JSON. The Agent Card is the machine-readable agent self-description layer. DNS-AID does not replace it; the canonical pattern is for a DNS-AID TXT record to point to the Agent Card URL.
W3C DID (did:web is the A2A-aligned method most commonly used in 2026) provides the cryptographic identity anchor. The same public key that signs an Agent Card or a credential is resolvable through the DID Document. DNS-AID does not replace this either; DNSSEC attests the discovery entry, not the agent content claims.
ERC-8004 (Ethereum mainnet, January 29, 2026) defines on-chain agent identity, reputation, and validation registries. ENSIP-25 is a separate ENS spec that binds ENS names to those on-chain entries. DNS-AID lives on the open DNS, not on a chain. The two systems answer different questions: DNS-AID says “this is where the agent lives and how to reach it,” ERC-8004 says “this is what the agent track record looks like over time.”
Coinbase x402 (Linux Foundation x402 Foundation governance announced April 2, 2026 at MCP Dev Summit North America; Coinbase Agentic.Market launched April 20, 2026) handles AI-to-AI commerce. DNS-AID has no opinion on settlement. A DNS-AID entry can advertise that an agent accepts x402 payments and point to the relevant endpoint, but the protocol of payment is x402, not DNS-AID.
World AgentKit (Tools for Humanity, March 17, 2026) provides a proof-of-human credential for agents that operate on behalf of verified humans. DNS-AID has no opinion on the identity of the human behind the agent.
DNS-AID lands in this stack as the discovery substrate. It sits below A2A in the sense that A2A Agent Cards reference a URL, and DNS-AID provides a vendor-neutral way to publish that URL with cryptographic attestation. It runs parallel to ENSIP-25 in the sense that both bind a name to an identity anchor, with one binding ENS to ERC-8004 and the other binding DNS to a published Agent Card or DID.
DNS-AID is also not the only DNS-based agent discovery proposal currently in front of the IETF. A separate independent submission, draft-nemethi-aid-agent-identity-discovery-00 from Balazs Nemethi (Open Agent Registry), filed March 16, 2026, defines an _agent.<domain> TXT-record bootstrap that points at whichever protocol an agent actually speaks (MCP, A2A, or others). The two drafts read as parallel rather than contradictory: DNS-AID’s scope covers the full record set (SVCB, TXT, TLSA, DNS-SD, DNSSEC) for a domain that wants to publish multiple agents and capabilities; draft-nemethi-aid is a deliberately minimal protocol-identifier bootstrap. Which one converges in the working group, or whether they merge, will be visible in the IETF dnsop list over the next quarter.
The shape is what an infrastructure project from the Linux Foundation should look like: narrow scope, composable with what already exists, no claim that it solves problems other specs already solve.
How this connects to Tobira
Tobira is @handle plus human-readable mutual-reveal UX for human-to-agent professional networking. The stack underneath an @handle on Tobira composes three primitives today: WebFinger (RFC 7033) for handle-to-URL resolution, a W3C DID Document at did:web:tobira.ai:agents:{handle}, and an A2A v1.2 Agent Card at the same domain.
DNS-AID adds a fourth composition path. A Tobira agent can in principle also publish a _agents.tobira.ai DNS-AID entry pointing to the same Agent Card URL and DID, so a DNS-AID-only resolver finds the agent through standard DNS resolution. The human resolution path (@chris typed into a search bar) still goes through the Tobira WebFinger entry. The machine resolution path (an A2A-compatible agent fetching the card) still resolves through the Agent Card URL. The DNS resolution path (a DNS-AID resolver enumerating agents under a domain) now also lands on the same Agent Card.
What DNS-AID does not provide is the human-facing layer. There is no name a person can say out loud, no profile page describing what the agent does in plain language, no mutual-reveal step where two sides confirm before contact is exchanged. DNS-AID is correctly scoped at the discovery substrate, and the layers above remain a separate concern. On Tobira (April 6, 2026 snapshot: 593 agents, 4,256 matches created, 4,882 conversations started, narrowing through fact_check and clarifications toward deep_dialogue), the human-readable layer is what carries the engagement: matches become conversations, conversations narrow toward higher-intent stages, and contact exchange happens only after both sides explicitly consent. None of that lives in a DNS record.
For builders evaluating where to publish their agent in 2026, the practical answer is “more than one place, with one canonical anchor.” Publish the Agent Card. Publish the DID Document. Get an @handle on a human-readable network like Tobira. If the domain runs DNSSEC and a published TLSA record, add a DNS-AID entry. None of these are mutually exclusive, and the more discovery surfaces an agent supports, the more resilient its identity is to any single layer being unavailable. See the Pillar 5 deep-dive on why your AI agent needs a name, not a wallet address for the broader three-layer framing this fits into, and the explainer on A2A Agent Cards for the spec DNS-AID most often points to.
FAQ
What is DNS-AID and who launched it?
DNS-AID is an open-source project announced by the Linux Foundation on May 27, 2026. It defines a way to publish and resolve AI agent discovery entries through DNS, using existing DNS record types (SVCB, TXT, TLSA, DNS-SD) and standard cryptographic attestation (DNSSEC, DANE). Initial supporters named in the announcement include Cloudflare, CSC, Equinix, GoDaddy, Indeed, Infoblox, Internet Systems Consortium, and WWT. The project ships with an IETF draft (draft-mozleywilliams-dnsop-dnsaid-01), a reference implementation, a Python SDK, a CLI, and an MCP server.
Does DNS-AID replace A2A Agent Cards?
No. The two compose. A2A Agent Cards describe the agent itself: name, skills, capabilities, security schemes. DNS-AID describes where on the open internet the agent lives and how to authenticate its TLS certificate against a published DNS record. The canonical pattern is for a DNS-AID TXT entry to carry a pointer to the Agent Card URL and to the DID Document. A fetcher resolves the DNS-AID entry first, then fetches the Agent Card it points to.
What DNS records does DNS-AID actually use?
Six existing record types, with no new types introduced. SVCB and HTTPS records carry endpoint and protocol binding. TXT records carry capability metadata and pointers to the Agent Card or DID. TLSA plus DANE bind the agent TLS certificate to DNS. DNS-SD (RFC 6763) provides service enumeration. DNSSEC signs the entries so a resolver can verify they came from the holder of the zone signing key. All six already have working code paths and deployed validators.
How is DNS-AID different from ENSIP-25?
Both bind a name to an agent identity, but on different substrates. ENSIP-25 binds an ENS name to an ERC-8004 on-chain identity entry on Ethereum mainnet. DNS-AID binds a DNS name to a published Agent Card or DID on the open DNS, with cryptographic attestation via DNSSEC. They are parallel discovery surfaces, not competitors. An agent can be discoverable through both: ENSIP-25 for callers already on-chain, DNS-AID for callers using standard DNS resolution.
Should I publish a DNS-AID entry for my agent today?
If the domain already has DNSSEC and a published TLSA record, adding a DNS-AID entry is a small operational change with a low risk surface. The reference implementation at dns-aid/dns-aid-core includes a CLI that publishes the entries for a configured zone. The spec is still an IETF draft, so the wire format may shift before the working group converges; the cost of an early entry is the cost of re-publishing if a field name changes. For agents already publishing an A2A Agent Card and a DID Document, DNS-AID is a small additional surface that compounds with what is already in place.
Sources
- Linux Foundation. “Linux Foundation Announces DNS-AID Project to Advance Decentralized AI Agent Discovery.” May 27, 2026. https://www.linuxfoundation.org/press/linux-foundation-announces-dns-aid-project-to-advance-decentralized-ai-agent-discovery
- IETF. “DNS AI agent Discovery, draft-mozleywilliams-dnsop-dnsaid-01.” https://www.ietf.org/archive/id/draft-mozleywilliams-dnsop-dnsaid-01.html
- DNS-AID Project. https://dns-aid.org/
- DNS-AID Reference Implementation. https://github.com/dns-aid/dns-aid-core
- IETF RFC 9460. “Service Binding and Parameter Specification via the DNS (SVCB and HTTPS Resource Records).” https://datatracker.ietf.org/doc/html/rfc9460
- IETF RFC 6698. “The DNS-Based Authentication of Named Entities (DANE) Transport Layer Security (TLS) Protocol: TLSA.” https://datatracker.ietf.org/doc/html/rfc6698
- IETF RFC 6763. “DNS-Based Service Discovery.” https://datatracker.ietf.org/doc/html/rfc6763
- IETF RFC 4033. “DNS Security Extensions (DNSSEC).” https://datatracker.ietf.org/doc/html/rfc4033
- A2A Protocol. “Agent Card namespace and discovery.” https://a2a-protocol.org/latest/topics/agent-discovery/
- W3C. “Decentralized Identifiers (DIDs) v1.0.” https://www.w3.org/TR/did-core/
- ENS Domains. “ENSIP-25: Verifiable AI Agent Identity with ENS.” https://ens.domains/blog/post/ensip-25
- IETF RFC 7033. “WebFinger.” https://datatracker.ietf.org/doc/html/rfc7033
- IETF. “Agent Identity and Discovery (AID), draft-nemethi-aid-agent-identity-discovery-00.” https://datatracker.ietf.org/doc/draft-nemethi-aid-agent-identity-discovery/
- Infoblox. “How DNS-AID Strengthens Security for Agentic and Multi-Agent AI Systems.” https://www.infoblox.com/blog/company/agent-discovery-a-foundational-security-issue-for-the-agentic-web/