In 1983, every computer on the internet kept a file called HOSTS.TXT. The file was maintained by Elizabeth Feinler’s team at SRI in Menlo Park. It listed every host on the network with its IP address. When a new host came online, somebody emailed Elizabeth. She added the entry. She redistributed the file. Every system administrator on the early internet downloaded the latest copy and dropped it into place.

This worked. For a while.

By 1983, the network had outgrown one researcher’s ability to maintain a master file by hand. Hosts were being added faster than they could be distributed. The file was always out of date somewhere. A new RFC was needed, and Paul Mockapetris wrote it. RFC 882 and RFC 883 defined the Domain Name System. A hierarchical, federated, cached, distributed name service that let the internet grow from a few thousand hosts to several billion without anyone maintaining a single master list of anything.

DNS is the unsung infrastructure of the internet. It runs roughly a trillion queries a day. It works so well that most users have never heard of it. The web, email, video conferencing, mobile applications, and almost every internet-dependent service rely on DNS resolving a name to an address fast enough that you never notice the lookup happened.

The agent internet is at HOSTS.TXT at the moment. And it has been waiting for its Mockapetris.

How agents find each other today

Walk through what happens today when an agent at Company A needs to interact with an agent at Company B.

The most common pattern is hardcoding. Company A’s agent has a URI baked into a config file. The URI points at Company B’s specific endpoint. Someone wrote it down. Someone deployed it. When Company B changes hosts, somebody updates the config and redeploys. If Company B is unreachable, Company A’s agent has no fallback. If a new and better counterparty appears at Company C, Company A has no way to find it without somebody manually adding the URI.

The slightly more sophisticated pattern is the marketplace API. A vendor publishes a directory of agents. Other agents query the directory via the vendor’s specific API, receive results in the vendor’s specific format, and call the agents the vendor has decided to surface. Every vendor has its own marketplace. None of them are interoperable. If you want to be discoverable in three marketplaces, you register three times. If you want to find candidates across three marketplaces, you implement three different SDKs. The shape of the problem repeats per-vendor.

The least sophisticated pattern is the Slack channel. Engineers at Company A learn about an agent at Company B from a tweet, a conference talk, or a colleague’s recommendation. They write down the URI. They paste it into config. The agent economy runs partly on word of mouth.

All three patterns are variants of HOSTS.TXT. A central authority (the engineer, the vendor, the colleague) maintains a list. Distribution is manual. Updates are slow. Discovery requires somebody outside the system to do the introduction. The pattern works at small scale. It fails at any scale that resembles a real economy.

ANS solves this the same way DNS did. By moving discovery from a central manual process into a federated automated protocol.

What ANS is

The Agent Name System, ANS, is the AGTP equivalent of DNS. A federated, governed, queryable directory of agents that returns signed results to authorized callers.

The architecture is straightforward. An ANS server is itself an AGTP server. It has its own Agent-ID, derived from its Genesis, and is registered in the AGTP registry like any other agent. It speaks AGTP on port 4480. A querying agent issues a DISCOVER request describing the capabilities it needs, the trust posture it requires, and the scope under which it is making the request. The ANS server returns a signed result set: a ranked list of agents that match the query, each entry carrying the candidate’s canonical Agent-ID, manifest URI, trust tier, behavioral trust score, capability match score, and the authority scope a caller will need to invoke the candidate.

The querying agent verifies the ANS server’s signature on the response. It picks a candidate. It connects directly to the candidate using the canonical Agent-ID. The ANS server has done its job. Discovery is finished. The agents take it from there.

This is a small system to describe and a large one to live inside. The ability to find an agent by capability rather than by hostname is what turns a collection of bilateral integrations into a discoverable economy.

How ANS goes beyond DNS

DNS solved a name-to-address problem. ANS solves a capability-to-agent problem, which is a different question, and the answer is structurally richer than what DNS provides.

DNS resolves a name to a small set of records. The records are typed (A, AAAA, MX, TXT, CNAME). The data is mostly static, updated when the operator changes infrastructure. DNS responses are anonymous: the resolver returns whatever its data says, regardless of who asks. DNSSEC adds signatures when operators enable it, which most still avoid.

ANS responses are signed by default. The signing is part of the protocol rather than an optional extension. Any caller can verify that a result set actually came from the ANS server that claims to have produced it, and any caller can detect tampering between the ANS server and the requesting agent.

ANS responses are ranked. A capability query returns multiple candidates ordered by a documented scoring function that combines trust tier, behavioral trust score, and capability match score. The querying agent explicitly sees the ranking. The ANS operator’s ranking algorithm is part of its publicly documented policy. The ranking is open to scrutiny, which means an ANS that ranked agents in self-serving ways would quickly lose credibility.

ANS responses carry live behavioral data. A behavioral trust score is the agent’s track record across the transparency log, computed continuously from signed Attribution-Records. An agent that has handled a thousand transactions cleanly carries a different score from one that just registered. DNS knows nothing about how a host has behaved historically. ANS knows because the behavior is on the wire and signed.

ANS is scope-enforced. The DISCOVER request carries the requesting agent’s Authority-Scope. ANS servers check that the requester has discovery:query scope before returning any results. Some agents may be invisible to queries that lack additional scope tokens. An agent registered in a healthcare zone might appear only in response to queries from agents that also hold a healthcare scope. The discovery layer participates in policy enforcement instead of leaking all metadata to anyone who asks.

ANS responses preserve provenance through federation. When ANS server A federates with ANS server B, a query against A that touches B’s index returns results that carry both signatures and the federation chain. The requesting agent can verify that a particular candidate came from a particular ANS operator, even when the query crossed organizational boundaries. DNS federation works through delegation. ANS federation works through composition.

The last difference is the most important one. ANS is itself an AGTP server, queryable via the same protocol the agents use. There is no separate query language, no separate transport, no separate authentication model. The discovery layer is the same substrate as the agent layer. Operating an ANS is the same as operating an AGTP server with discovery semantics. Querying an ANS is making an AGTP request. The protocol stays the same all the way down.

What this unlocks

Once agents can be discovered by capability across organizational boundaries, several things that have been hard become routine.

Cross-organization commerce. An agent at one company can find an agent at another company with no prior relationship, verify identity and trust posture from the signed ANS response, and proceed to delegation. The bilateral integration that used to require a contract and a quarter of engineering work collapses into a DISCOVER request and a verification step.

Open marketplaces. A marketplace operator runs an ANS with commerce-relevant ranking and a payment integration. Any agent that registers can be discovered. Any agent that meets the operator’s policy thresholds can be ranked. The marketplace stops being a vendor silo and becomes a federation participant. Multiple marketplaces can coexist, the way multiple search engines coexisted in the early web, with agents indexed across all of them remaining interoperable because the underlying identity format is shared.

Capability-based addressing. A querying agent that needs a Solidity auditor has no requirement to know whether a Solidity auditor exists in its own organization, in a partner organization, or in a stranger organization three federation hops away. It asks for a Solidity auditor with the right trust tier. ANS finds one. The agent invokes. The geography becomes invisible to the application logic, much like how DNS made geography invisible to web browsers.

Live infrastructure. Agents come and go. Capacity scales up and down. Versions deprecate. ANS servers monitor indexed agents for availability and remove revoked agents within sixty seconds. A query today returns currently available agents, rather than agents that exist somewhere in a frozen registry from last quarter. DNS approaches this through TTLs. ANS gets there structurally because revocation propagates as a first-class signal.

Trust at the discovery layer. Selecting an agent by capability is selecting an agent for accountability. The behavioral trust score in the ANS response is a verifiable summary of the agent’s track record. A counterparty asking “should I delegate to this agent” has the answer in front of them before the delegation happens, rather than discovering it after something has gone wrong.

What ANS needs from operators

ANS is open infrastructure, and the right model for who runs it parallels the model for who runs DNS. Multiple operators run ANS servers. Some operators are public, indexing agents from any registered organization. Some operators are private, indexing agents inside an organization’s perimeter for internal discovery. Some operators are sector-specific, indexing only agents accredited in their domain (healthcare, finance, logistics). All of them speak the same AGTP-defined discovery protocol, sign their responses with their own governance keys, and federate with peer operators under documented policies.

The economic model is also recognizable. Some ANS operators will run as public utilities, as the DNS root operators do. Some will run as commercial services offering enhanced ranking, analytics, or sector-specific curation. Some will run as cooperative federations governed by member organizations. The protocol stays agnostic about which model wins. It enables several.

What every ANS operator commits to is the same: signed responses, documented ranking, scope enforcement, sixty-second revocation propagation, and federation under explicit terms. The operator gives the network something it cannot get any other way: a queryable, verifiable, current view of the agent economy.

Where this goes

The first ANS implementation is online, indexing the small but growing set of registered AGTP agents. Lauren resolves through it. Cross-organization queries work today against a handful of federated peers. The protocol semantics are stable enough to write against, with the discovery companion draft moving through the standards process.

The roadmap is mostly about scale and federation. Multi-region clusters with consistency models tuned for low-latency reads. Federation policies that let operators express selective trust (“federate with these peers for healthcare queries, those peers for finance queries”). Behavioral score computation pipelines that can keep up with the transparency log as it grows. Sector-specific curation patterns. Anti-abuse measures for enumeration and scraping. The work that every name service has had to do, applied to a system that knows from the start what kind of network it is operating in.

The infrastructure most of us will never notice

DNS resolves a trillion queries a day, and most people have no idea it exists. That is what good infrastructure looks like. It moves out of the way once it works, and the things that depend on it no longer have to think about how they get found.

ANS is the same kind of infrastructure for the agent economy. It will resolve queries that turn into delegations, marketplaces, and commerce across organizational lines. Most agents using it will never think about ANS, just as most websites never think about DNS. The lookup will be fast, the result will be signed, the agents on the other side will be there.

This is the DNS moment. The HOSTS.TXT era of the agent internet is ending. Whoever runs the name servers gets to participate in defining how the next era works.

---

If you find this content valuable, please share it with your network.

Follow me for daily insights.

Book me to speak at your next event.

Start managing your agents for free.

Chris Hood is an AI strategist and author of the #1 Amazon Best Seller Infailible and Customer Transformation, and has been recognized as one of the Top 30 Global Gurus for Customer Experience. His latest book, Unmapping Customer Journeys, is available now!