Provenance
Which domain, owner, profile and package generated the data.
Trust layer
Readable is useful. Signed and current is stronger.
A JSON file can be copied, stale, incomplete or misleading. The next step for agentic web infrastructure is provenance: who published this profile, when it changed, whether it is signed, and what access level each reader has.
Documentation
What trust means here
Trust is not only legal paperwork. It is operational clarity for machines.
Freshness
When the data was last reviewed, updated or checked by the website scanner.
Consistency
Whether the Agent Card, canonical profile, website files and public site tell the same story.
Documentation
Signed Agent Cards
A2A v1 introduces signatures and canonicalization so an Agent Card can become a verifiable trust object.
Signature status
Unsigned, signed, invalid signature, unknown issuer or verified issuer.
Canonicalization
Stable JSON canonicalization matters because signatures must verify the same object across systems.
Registry value
A registry can show which cards are signed, fresh, reachable and consistent with the website.
Documentation
Gated detail
Not every capability belongs in public. Public cards can stay safe while authenticated clients see more.
| Public | Basic identity, documentation URL, public skills, supported interfaces and general security requirements. |
|---|---|
| Authenticated | Extended capabilities, private routes, partner-only actions, scopes and richer task contracts. |
| Owner-controlled | Rules for what agents can do, what requires human confirmation and where the buyer is handed off. |