NIST Validated
the Gap OSSA Fills
Three NIST initiatives. One missing layer. Why the US government's AI agent standards effort confirms that the industry needs a contract specification.
The Moment
In February 2026, NIST launched three parallel initiatives that collectively represent the most significant government action on AI agent standards to date:
- CAISI (Consortium for AI Standards and Interoperability) — RFI published as Docket NIST-2025-0035, with a response deadline of March 9, 2026
- NCCoE AI Agent Identity Program — A National Cybersecurity Center of Excellence program focused on agent identity and authentication, with responses due April 2, 2026
- AI Agent Standards Initiative — A broader coordination effort launched in February 2026 to harmonize agent-related standards across federal agencies
This is not exploratory research. This is the US government declaring that AI agent standards are a matter of national priority, and mobilizing its most respected standards body to address it.
Why Now?
The timing is driven by numbers that even bureaucracies cannot ignore
Gartner reports that 65% of organizations have launched AI agent pilots, with 90% of executives planning to increase their agent investments in 2026. The AAIF (AI & Agents Interoperability Framework) founding tells the same story: OpenAI, Anthropic, Block, Google, Microsoft, AWS, Bloomberg, and Cloudflare — companies that rarely agree on anything — jointly established AAIF under the Linux Foundation to standardize agent interoperability.
When competitors collaborate on standards, it means the problem is too large and too urgent for any single company to solve alone. NIST sees what we all see: autonomous AI agents are becoming infrastructure. And infrastructure without standards is a disaster waiting to happen.
The Four-Layer Stack
Where OSSA sits in the AI agent standards landscape
| Layer | Standard | Purpose | Status |
|---|---|---|---|
| Application | LangChain, CrewAI, AutoGen | Agent frameworks and orchestration | Mature, fragmented |
| Contract | OSSA | Identity, capabilities, trust, governance | v0.4 production-ready |
| Discovery | DUADP | Federated agent/skill/tool discovery | v0.1 draft specification |
| Communication | MCP, A2A, ACP | Tool connectivity, agent-to-agent messaging | Active, AAIF-hosted |
MCP standardizes tool connectivity. A2A standardizes agent-to-agent communication. But no standard addresses the contract layer — the declarative specification of what an agent is, what it can do, what it should do, and what it must not do. This is the gap NIST identified. This is the gap OSSA fills.
The Contract Layer Gap
Every response to the CAISI RFI identifies gaps. Here is the most critical one.
There is no standard for agent contracts.
MCP standardizes tool connectivity. Google A2A standardizes agent-to-agent communication. OAuth and DIDs address authentication. But no standard addresses the contract layer — the declarative specification of what an agent is, what it can do, what it should do, and what it must not do.
This is what the OSSA specification provides:
- Identity: Structured agent metadata with GAID (Global Agent Identifier) using W3C DID syntax
- Capabilities: Machine-readable, validatable capability declarations
- Governance: Policy constraints (Cedar) that travel with the agent
- Interoperability: Bridges to MCP, A2A, LangChain, CrewAI, and other frameworks
- Trust: Attestation models for verifiable capability claims (x-signature)
The contract layer is the glue. Without it, agent identity (NCCoE), agent communication (AAIF/MCP/A2A), and agent security (Standards Initiative) remain disconnected concerns. With it, they compose into a coherent stack.
What NIST Got Right
The approach that makes this different from previous government standards efforts
Asks the right questions
The RFI is structured to identify gaps, not prescribe solutions
Engages the right stakeholders
Industry, academia, open-source communities, and civil society
Focuses on interoperability
Not "what standard should win?" but "how do standards work together?"
Prioritizes security
Agent identity and trust are treated as security problems, not convenience features
This is exactly the approach that worked for previous standards efforts. NIST's role in establishing cybersecurity frameworks (CSF), cryptographic standards, and zero-trust architecture followed the same pattern: convene, listen, synthesize, publish. The resulting standards — because they reflected industry reality rather than bureaucratic preference — achieved actual adoption.
The OSSA Manifest
A single YAML file declares everything NIST is asking for
apiVersion: v0.4.6
kind: Agent
metadata:
name: content-analyst
namespace: enterprise.acme
identity:
did: "did:web:acme.com:agents:content-analyst"
x-signature:
type: Ed25519
value: "z3Mc8GVk...base64..."
publicKey: "z6Mkf5rG...base64..."
issuer: "did:web:acme.com"
spec:
role: Analyzes and summarizes internal documents
llm:
provider: anthropic
model: claude-sonnet-4-6
# Identity (CAISI Priority 1)
# - W3C DID for persistent, globally resolvable identity
# - x-signature for cryptographic attestation
# Trust Boundaries (CAISI Priority 2)
authorization:
engine: cedar
policies:
- effect: permit
principal: { type: "User", role: "analyst" }
action: "read_document"
- effect: permit
principal: { type: "User", role: "analyst" }
action: "generate_summary"
- effect: forbid
principal: { type: "Agent" }
action: "modify_document"
- effect: forbid
action: "access_external_network"
autonomy:
mode: supervised
allowed_actions:
- read_document
- generate_summary
- search_internal
blocked_actions:
- delete_document
- send_email
- access_external_api
# Observability (CAISI Priority 3)
observability:
tracing:
provider: otlp
endpoint: "https://otel.acme.com"
security_events:
- action.attempted
- action.blocked
- prompt_injection.detected
metrics:
- name: token_usage
type: counter
- name: action_latency
type: histogram
# Supply Chain (CAISI Priority 4)
compliance:
sbom_pointer: "./sbom.cdx.json"
frameworks:
- "NIST-SP-800-53-r5"
- "FedRAMP-Moderate"
oscal_component: "./ossa-oscal-component.json"Every field in the manifest maps to a CAISI RFI question. Identity is metadata.identity.did. Authorization is spec.authorization.engine: cedar. Observability is spec.observability.tracing. Supply chain is spec.compliance.sbom_pointer.
One file. Machine-readable. Validatable against JSON Schema. Portable across frameworks. This is what “agent contract” means in practice.
What This Means for the Industry
NIST involvement changes the calculus for every organization deploying agents
For Enterprises
Agent standards are coming. The question is not whether to adopt them but when. Organizations that build on standards-aligned architectures now will have smoother compliance paths later.
For Startups
The standards landscape is being defined right now. Companies that contribute to and align with emerging standards will have structural advantages over those that build proprietary approaches.
For Open-Source Projects
NIST explicitly seeks input from open-source communities. Projects that address identified gaps have a window of influence that will not stay open forever.
For Developers
Agent development is about to get standardized in the same way web development got standardized by HTML, HTTP, and REST. The developers who understand the emerging standards will be the most valuable.
Our Position
We submitted to the CAISI RFI because the contract layer gap is exactly what OSSA addresses. We are engaging with the NCCoE program because DUADP provides the agent identity and discovery infrastructure they are designing reference architectures for. We are contributing to the AI Agent Standards Initiative because agent security requires verifiable agent contracts.
This is not about OSSA “winning” a standards competition. It is about ensuring that the standards landscape includes a contract layer — whether that layer is OSSA, an evolution of OSSA, or something that builds on the same principles. The gap is real. It needs to be filled.
“The Initiative will ensure that the next generation of AI — AI agents capable of autonomous actions — can function securely on behalf of its users and interoperate smoothly across the digital ecosystem.”
— NIST CAISI, AI Agent Standards Initiative
Timeline
Key dates in the NIST CAISI and NCCoE processes
NIST publishes CAISI RFI (Docket NIST-2025-0035)
Request for Information on AI agent safety, security, identity, and interoperability standards
AI Agent Standards Initiative + AAIF Launch
NIST coordination across federal agencies; OpenAI, Anthropic, Block co-found AAIF under Linux Foundation
NCCoE AI Agent Identity concept paper published
National Cybersecurity Center of Excellence seeks input on agent identity and authorization frameworks
OSSA submits formal public comment to CAISI RFI
Response addressing all four CAISI priority areas with production-ready implementations
CAISI RFI response deadline
Public comment period closes for Docket NIST-2025-0035
NCCoE AI Agent Identity response deadline
Deadline for public input on agent identity and authorization concept paper
NIST synthesis and framework development
NIST synthesizes RFI responses and develops draft framework recommendations
Supporting Research
Peer-reviewed evidence confirming the contract layer gap
MCP: Landscape, Security Threats, and Future Directions
16 threat scenarios, 4 attacker categories — confirms protocol-level security is necessary but insufficient
arXiv:2503.23278
MCP Servers: Security and Maintainability at Scale
7.2% general vulnerabilities, 5.5% tool poisoning in 1,899 servers studied
arXiv:2506.13538
Agent Interoperability Protocol Survey
Four major protocols analyzed — zero standards for agent contracts, trust, or governance
arXiv:2505.02279
Formal Analysis for Agentic AI Skills
6,487 malicious tools catalogued across agent registries; 26.1% of skills have vulnerabilities
arXiv:2603.00195
The Window Is Open Now
The US government has made agent standards a national priority. Explore the OSSA specification, try DUADP discovery, and join the effort to define the contract layer.