The Agent Transfer Protocol draft language has been updated. Several new specifications now extend AGTP into territory that no other agent infrastructure proposal currently addresses. Here is what each piece brings.

Presence

Presence is the mechanism by which agents become continuously discoverable on AGTP. An agent that announces itself becomes part of a distributed awareness layer that other agents can query in real time. Agents can find each other and their capabilities without relying on a central registry, a directory service, or manual configuration. Presence also leverages the Agent Naming System, so agents are addressable by name as well as by capability. Other agent infrastructure proposals require centralized lookup or assume out-of-band discovery. AGTP makes presence a property of being on the network.

Anticipatory Discovery Services

Anticipatory Discovery Services extend agent discovery beyond reactive lookup. Rather than waiting for an agent to ask “who can do this,” an ADS proactively predicts and surfaces relevant agents based on context, patterns, and intent signals. The result is faster matchmaking, smarter routing, and the foundation for an agent ecosystem that responds at machine speed.

Certificate

The agent certificate specification now formalizes an SSL-style mechanism for issuing and validating agent identity. The model mirrors how websites obtain SSL/TLS certificates today: a Certificate Authority verifies the agent’s identity claim and issues a cryptographic credential that any party can validate. DigiCert, Sectigo, GlobalSign, Entrust, Let’s Encrypt, and similar Certificate Authorities can extend their existing infrastructure to issue agent certificates without fundamental change. This is the only proposal in the agent infrastructure space that maps onto the SSL ecosystem’s proven operational and regulatory model.

Commerce

Commerce brings agent-to-agent transactions to the protocol layer. Pricing, budgets, transaction commitments, and audit trails are now expressed directly in AGTP, enabling agents to negotiate and transact directly. One agent can procure work from another agent. The buyer carries a budget; the seller publishes prices and trust requirements; they either agree to transact or move on. The transaction record provides the receipt and the audit trail.

This creates an agent economy, much like APIs created the API economy a decade ago. Organizations monetized their APIs by charging for usage; the API economy emerged from that primitive. Agents can now be monetized the same way. A company that operates a specialized agent can charge other agents for its services. AGTP carries the structural transaction information; existing payment providers (or specialized agent-economy services) handle settlement. No other open agent protocol provides this surface.

LEI

The Legal Entity Identifier binding connects AGTP agents to the international institutional identity infrastructure operated by GLEIF. Regulated entities (banks, insurers, asset managers, broker-dealers, public companies) already hold LEIs for financial reporting and compliance. AGTP-LEI allows agents deployed by these entities to carry the institution’s verifiable identity through the same infrastructure. Regulators and counterparties can verify which institution an agent acts on behalf of and under what authorization using mechanisms the financial industry already uses. No other agent protocol is composed directly with GLEIF.

Bindings

The bindings specification covers how AGTP runs over standard Internet transports. The substantive new addition is explicit protection against replay attacks for high-value operations: agent actions that move value, delegate authority, or change state cannot be replayed by an attacker who captures the traffic. Lower-stakes operations, such as queries, can still use modern transport optimizations. This is the kind of safeguard that payment networks have built into their infrastructure for decades; AGTP brings it to agent traffic at the protocol layer.

Composition

Composition specifies how AGTP works alongside what your organization already has in place. OAuth and OIDC credentials work in parallel with AGTP identity: the agent identifies itself through AGTP, while your existing identity provider authorizes the human or service the agent is acting on behalf of. Clients that still run on HTTP can reach AGTP agents through a translation gateway. Agent messaging protocols like MCP, A2A, and ACP operate on top of AGTP without modification. AGTP composes with the infrastructure surrounding it rather than displacing it.

Enhanced Trust

Trust specifies how agents and infrastructure evaluate which agents to interact with. Credit bureaus (Experian, Equifax, TransUnion, and similar) can extend their existing trust-scoring infrastructure to agent populations, just as Certificate Authorities extend to agent certificates. The model parallels how trust works for businesses and consumers today.

What Is Available

Specifications are open and published. A reference implementation is operational. Documentation, working code, and the full specification set are at agtp.io. Organizations evaluating agent infrastructure, considering integration, or interested in contributing are welcome to engage.