[Openid-aiim] IAM needs for Agentic AI and Path Forward
Tom Jones
thomasclinganjones at gmail.com
Sun Jul 20 20:28:47 UTC 2025
Those ideas are completely broken.
If an agent, on behalf of a legal person, is allowed to order and pay for
goods, then a legal contract was created and satisfied.
Anything else is not agency.
So the question is, do we have an agent or not?
https://www.law.cornell.edu/wex/agent
Peace ..tom jones
On Sun, Jul 20, 2025 at 9:56 AM Eve Maler <eve at vennfactory.com> wrote:
> Feeling philosophical today: Is there room to square this circle?
>
> There’s an emerging field of relational AI (vs. transactional — behaviors
> vs. actions). I’ve been talking to the developer
> <https://kaystoner.substack.com> of a number of custom GPTs that are
> aligned with very precisely drawn personas — and, yes, have also been
> playing with some of them. The outputs are indeed variable but the
> behaviors are designed to provide certain kinds of interactive support.
> Their design also includes some guardrails and some level of transparency.
>
> Maybe what needs to come first, before we can trust a high-autonomy-level
> transactional agent, is measurable behavioral alignment with their human
> delegator (Agentic Assurance Level? :-) ). Perhaps only then can we start
> to assess the alignment of any actions that agent takes.
>
> (Human delegates are not immune to misalignment with their delegator, of
> course, which is why agency law and the concept of fiduciary duty exist. I
> doubt AI agents will win humanlike legal status any time soon, but if they
> are ever to get anywhere near it, they’ll need to solve these sorts of
> issues.)
>
> Eve
>
> Eve Maler, president and founder
> Cell and Signal +1 (425) 345-6756 <+1-425-345-6756>
>
> On Jul 19, 2025, at 12:33 PM, Tom Jones via Openid-aiim <
> openid-aiim at lists.openid.net> wrote:
>
> non-deterministic agents do present serious challenges to *trust*,
> *security*, and *governance*. In domains like digital identity, law,
> finance, and public infrastructure, *unpredictability* isn't just
> inconvenient—it’s potentially *unacceptable*. Let’s break down why:
> ⚠️ *Why Non-Determinism Breeds Unacceptability*
>
> - *Inconsistent behavior*: Agents that act differently under the same
>   conditions can’t be reliably audited or certified.
> - *Untraceable outputs*: It becomes hard to pinpoint cause,
>   responsibility, or compliance status.
> - *Vulnerability to manipulation*: Adversaries can exploit probabilistic
>   logic to induce unwanted outcomes.
> - *Loss of control*: Especially in systems involving user consent or
>   legal transactions, determinism enables meaningful boundaries.
>
> The above is what a bing bot thinks of this idea. I agree with it.
> Peace ..tom jones
>
>
> On Sat, Jul 19, 2025 at 10:19 AM Ayesha Dissanayaka <ayshsandu at gmail.com>
> wrote:
>
>> Hi Tom,
>>
>> Thank you for your input. Of course, defining an agent is a top priority
>> when considering IAM. It's the very first term in the taxonomy document
>> <https://github.com/openid/cg-ai-identity-management/blob/main/deliverable/taxonomy.md> that
>> the CG is constructing. 😃
>>
>> Major AI framework providers have their definitions for AI agents, as I
>> tried to summarize here
>> <https://docs.google.com/document/d/1PhWC4KRO00kOPUW113ldG06Vii5dZjW3ljiV1tA0GCc/edit?tab=t.1iyru8xdjt9u>.
>> We can draw some inspiration from them when constructing a definition for
>> the AI agents in the context of IAM for Agents.
>>
>> On your suggestion for the agent definition, the term "consistent
>> behavior" might not go well with an agent, as agents are, by
>> design, non-deterministic and dynamic. If you ask an agent to do the same
>> thing twice, there is a fair chance that it will do the task differently,
>> unlike a traditional application or a workload.
>>
>>
>> On Sat, Jul 19, 2025 at 12:19 AM Tom Jones <thomasclinganjones at gmail.com>
>> wrote:
>>
>>> You talk about giving AI agents an ID, but there appears to be no
>>> definition of what an agent must be to deserve an ID.
>>> Let's do that - how about this.
>>>
>>> An agent is a persistent collection of software and language models
>>> together in a workload with a consistent behavior (identity) for the
>>> duration of the validity of an assigned Identifier.
>>> An agent can be delegated authority by Entities, that is by named
>>> objects.
>>>
>>> Peace ..tom jones
>>>
>>>
>>> On Fri, Jul 18, 2025 at 10:49 AM Ayesha Dissanayaka via Openid-aiim <
>>> openid-aiim at lists.openid.net> wrote:
>>>
>>>> Hi All,
>>>>
>>>> Thanks, everyone, for your comments on the thoughts on the doc. And I
>>>> had a great time discussing this during the CG meeting yesterday. Following
>>>> up on our discussion
>>>> <https://github.com/openid/cg-ai-identity-management/wiki/20250717-%E2%80%90-Meeting-notes:-July-17,-2025#ayeshas-agent-identity-discussion-iam-need-for-agentic-ai---brainstorming>
>>>> in the last CG meeting, I am moving this conversation to email so that it's
>>>> easier to comment and gather thoughts from everyone. Please refer to
>>>> this document
>>>> <https://docs.google.com/document/d/1PhWC4KRO00kOPUW113ldG06Vii5dZjW3ljiV1tA0GCc/edit?tab=t.0>
>>>> for detailed information.
>>>>
>>>> The complexity of AI-native applications, when considering GenAI, has
>>>> progressed in added stages of complexity:
>>>>
>>>> 1. Task-Specific AI: Simple applications using LLMs for specific tasks
>>>>    like text generation.
>>>> 2. RAG-Enabled AI: Applications that can access and synthesize
>>>>    external knowledge bases.
>>>> 3. Apps that include Agents: Applications where agents can make
>>>>    decisions and execute tasks on a user's behalf.
>>>> 4. Agent Teammates: The current frontier, where agents act on their
>>>>    own accord and collaborate with humans in shared workflows.
>>>>
>>>> This evolution presents exciting opportunities, but it also brings a
>>>> new set of challenges, particularly in how we manage identity and access.
>>>> To ensure we build a secure and trustworthy ecosystem for these agents, we
>>>> need to establish a robust set of IAM best practices.
>>>>
>>>> Here are some of the key requirements that we should be thinking about:
>>>>
>>>> - Seamless Integration: Agents need to interact with existing
>>>>   systems, like those using OAuth, with minimal disruption.
>>>> - Flexible Action: Agents should be able to act on their own or
>>>>   securely on behalf of a user or another entity.
>>>> - Just-in-Time Permissions: To mitigate risks from the
>>>>   non-deterministic nature of agents, we need mechanisms for granting
>>>>   just-enough access, precisely when it's needed.
>>>> - Clear Accountability: There must be a designated responsible
>>>>   party for an agent's actions.
>>>> - Auditable Traceability: All agent actions should be traceable
>>>>   back to their identity and the delegating authority.
>>>> - Agent-Specific Controls: Resource servers may need to identify
>>>>   and apply specific controls for actions initiated by agents.
>>>> - Lifecycle Management: We need clear governance for the entire
>>>>   lifecycle of an agent, from onboarding to decommissioning.
>>>>
>>>> This is a pivotal moment for us to lead the way in defining the
>>>> standards and best practices that will shape the future of agentic AI. To
>>>> get the ball rolling, let's consider a few key questions:
>>>>
>>>> 1. Where can we apply existing standards and best practices?
>>>> 2. What are the novel problems that existing solutions can't
>>>>    address?
>>>> 3. Where do we need to extend current standards or innovate?
>>>> 4. How should an agent's identity be defined and structured?
>>>> 5. Develop a shared vocabulary for scenarios, actors, and
>>>>    challenges.
>>>>    - Happening at
>>>>      https://github.com/openid/cg-ai-identity-management/blob/main/deliverable/taxonomy.md
>>>>      as initiated at AIIM-CG
>>>>
>>>> Please share your thoughts, any references, and any ideas you might
>>>> have on the above.
>>>>
>>>> Looking forward to continuing the discussion.
>>>>
>>>>
>>>> On Wed, Jul 9, 2025 at 10:04 PM Ayesha Dissanayaka <ayshsandu at gmail.com>
>>>> wrote:
>>>>
>>>>> Thanks, Alex, for the comments.
>>>>>
>>>>> On Mon, Jul 7, 2025 at 8:41 PM Alex Babeanu <alex.babeanu at indykite.com>
>>>>> wrote:
>>>>>
>>>>>> Added some comments to the doc, thanks for sharing Ayesha. This could
>>>>>> serve as a starting point for discussion...
>>>>>> A side question, could we use a common shared drive for such docs or
>>>>>> material?
>>>>>>
>>>>> Sure, if the CG has such a shared space, I can move the doc there.
>>>>> Athul <atul at sgnl.ai>, do we have any such for the AIIM CG?
>>>>>
>>>>>
>>>>>> Cheers,
>>>>>>
>>>>>> ./\.
>>>>>>
>>>>>> On Thu, Jul 3, 2025 at 10:56 AM Ayesha Dissanayaka <
>>>>>> ayshsandu at gmail.com> wrote:
>>>>>>
>>>>>>> Hi All,
>>>>>>>
>>>>>>> It's great to be part of this exciting community to discuss IAM for
>>>>>>> the Agentic Era.
>>>>>>>
>>>>>>> Bubbling up a discussion in the Slack channel, I'm sharing this
>>>>>>> analysis on emerging IAM challenges from Agentic AI
>>>>>>> <https://docs.google.com/document/d/1PhWC4KRO00kOPUW113ldG06Vii5dZjW3ljiV1tA0GCc/edit?tab=t.0#heading=h.secnaj745bir>
>>>>>>> systems that now function as autonomous workforce members, and how we can
>>>>>>> approach addressing them.
>>>>>>>
>>>>>>> I'd love to hear working groups' thoughts on this, and collaborate
>>>>>>> to extend this work to commonly identify the IAM problems we need to be
>>>>>>> solving for agentic AI systems and how.
>>>>>>>
>>>>>>> I'm happy to discuss these findings at an upcoming meeting. Till
>>>>>>> then, let's collaborate on the mailing list and in the doc
>>>>>>> <https://docs.google.com/document/d/1PhWC4KRO00kOPUW113ldG06Vii5dZjW3ljiV1tA0GCc/edit?tab=t.0#heading=h.secnaj745bir>
>>>>>>> itself.
>>>>>>>
>>>>>>> Cheers!
>>>>>>>
>>>>>>> - Ayesha
>>>>>>>
>>>>>>> --
>>>>>>> Openid-aiim mailing list
>>>>>>> Openid-aiim at lists.openid.net
>>>>>>> https://lists.openid.net/mailman/listinfo/openid-aiim
>>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>>
>>>>>>
>>>>>> Alex Babeanu
>>>>>> Lead Product Manager, AI Control Suite
>>>>>>
>>>>>> t. +1 604 728 8130
>>>>>> e. alex.babeanu at indykite.com
>>>>>> w. www.indykite.com
>>>>>>