DISPATCH

Summary

The DISPATCH session at IETF 125 focused on evaluating several new proposals related to payment schemes, AI agent security and governance, email infrastructure, and post-quantum cryptographic optimizations. Due to significant technical difficulties with Meetecho, remote participation was intermittently disrupted. As a result, the Chairs and Area Directors (ADs) noted that while discussions proceeded for onsite participants, final dispatch consensus for several items would require further confirmation on the mailing lists.

Key Discussion Points

1. Donau scheme

Presenter: Christian Grothoff Draft: draft-grothoff-donau-00

Discussion: The proposal introduces a URI scheme for tax-deductible donations to charities. Mark Nottingham and Eric Rescorla questioned why this required a URI scheme rather than a data format, suggesting it might be better suited for the W3C Payments work. Ted Hardie noted the URI review found that an HTTPS REST API would suffice. Bron Gondwana suggested the OCR-friendly Base32 encoding might be separable and useful elsewhere. Richard Barnes suggested the work was out of scope for the IETF.
Outcome: Dispatched to "nothing/dev null"; the proponent was encouraged to coordinate with the W3C.

2. AI Agent Authentication and Authorization

Presenter: Yaroslav (Yis)

Discussion: The presentation outlined a framework to treat AI agents as workloads using existing standards like OAuth and WIMSE. Aaron Parecki and Brian Campbell noted that while the document serves as a valuable "map" of existing specs, it doesn't fit neatly into one working group. Richard Barnes noted that remote participants missed the presentation due to audio issues.
Outcome: No formal dispatch decision due to technical issues; further discussion required to determine if this stays a "map" or requires a new venue.

3. Well-Known URIs: Registration Policy Redux

Presenter: Mark Nottingham Draft: draft-nottingham-well-known-redux-01

Discussion: Mark Nottingham (as Designated Expert) highlighted concerns regarding "squatting" on attractive names (e.g., .well-known/ai) by entities without broad community buy-in. Ted Hardie and Tara Whalen suggested the Expert already has the power to push back under the current policy. Bron Gondwana supported reserving "nice" names for IETF specifications.
Outcome: Potential AD-sponsored update to RFC 8615. The Expert will begin exercising more discretion based on community feedback.

4. Verifiable Agent Conversation Records

Presenter: Henk Birkholz

Discussion: The proposal aims to create auditable, verifiable logs of AI agent interactions. Richard Barnes and Eric Rescorla emphasized the need for vendor support before the IETF standardizes a format. Thomas McCarthy-Howe suggested the work aligns closely with the VCON Working Group, though Henk noted VCON currently lacks CBOR/CDDL support.
Outcome: Proponent to align with the VCON Working Group and solicit vendor feedback.

5. MTA Hooks presentation

Presenter: Mauro

Discussion: This proposal seeks to modernize the Milter protocol using HTTP, JSON, and CBOR for mail filtering. Barry Leiba suggested a BOF to define the problem space rather than starting with a solution. John Levine and Alexey Melnikov noted that success depends on support from major open-source MTAs (Postfix, Sendmail, Exim) and vendors. Arnt Gulbrandsen noted interest from Rspamd.
Outcome: Strong support for a BOF at IETF 126 in Vienna.

6. Agent Interaction & Delegation Protocol

Presenter: Ionis

Discussion: The Agent Interaction and Delegation Protocol (AIDP) focuses on governing the execution lifecycle of agents. Eric Rescorla asked for evidence of vendor interest. Osama questioned the specific links to the EU AI Act and actual high-risk sector use cases.
Outcome: Requires more evidence of community and vendor interest before further dispatching.

7. Proof of Process (PoP): A Verified Process Transcript Format

Presenter: David Chaudhry Drafts: draft-chaudhry-rats-pop, draft-chaudhry-rats-pop-architecture

Discussion: The PoP protocol uses behavioral signals and hardware attestation to prove a human created a document. Martin Thompson argued this is a social problem without a technical solution and cited concerns about hardware control. Eric Rescorla suggested that a BOF would be the only path forward if a community of interest can be demonstrated, but expressed skepticism.
Outcome: General skepticism; no immediate working group home identified.

8. Security protocols that are optimized for non-web and PQC

Presenter: Russ Housley

Discussion: Russ proposed using MLS-like continuous key agreement to amortize the cost of large Post-Quantum Cryptography (PQC) keys and signatures. Eric Rescorla and Richard Barnes requested a more detailed analysis of the performance problems being solved compared to existing work like EKU in TLS.
Outcome: Consensus to form a new mailing list to refine requirements and plan for a BOF in Vienna.

Decisions and Action Items

MTA Hooks: Proponents to prepare for a BOF at IETF 126.
PQC Security Protocols: ADs to establish a new mailing list for requirement gathering and BOF planning.
Well-Known URIs: Mark Nottingham to continue as Expert with tighter guidance; possible AD-sponsored document update.
Donau Scheme: No further action in IETF; redirect to W3C.

Next Steps

The DISPATCH Chairs and ADs will follow up on the mailing list to confirm the outcomes for sessions impacted by Meetecho technical difficulties, particularly the "AI Agent Authentication and Authorization" proposal.
Proponents for AI-related drafts (Henk Birkholz, Ionis) to seek vendor participation and report back to the list.

Automatic IETF Minutes