DNS-AID lets AI agents find and verify each other through DNS

AI agents run across many platforms, and each one needs a way to locate and confirm the identity of the others it works with. The Linux Foundation’s DNS-AID project gives them that capability through the Domain Name System, the same address lookup system that has directed internet traffic for decades.

The project lets AI agents and Model Context Protocol (MCP) servers use DNS as a global, vendor-neutral directory for publishing, discovering, and verifying one another. Infoblox developed the initial code, and the project now sits under Linux Foundation governance.

“DNS-AID helps anchor agent discovery in the DNS infrastructure the internet already trusts. The Linux Foundation provides the neutral home where this work can grow with the open governance, community collaboration, and long-term stability the emerging agentic web requires,” said Jim Zemlin, CEO at the Linux Foundation.

How the discovery works

DNS-AID works as a naming convention layered on top of DNS records that organizations already operate. It uses existing SVCB, TXT, and TLSA record types defined in RFC 9460 and RFC 4033, so administrators can adopt it on any DNS server that supports DNSSEC and SVCB. Each agent gets a record under a pattern such as _chatbot._mcp._agents.example.com, which encodes its protocol, service port, capability document, and other metadata.

Agents can be located three ways: a direct lookup by name, a search by capability, or a crawl of a domain’s agent index. DNSSEC signs the records, creating a cryptographic chain of trust from the DNS root down to each agent, and DANE binds TLS certificates to those records. A discovering agent validates these signatures and then connects directly to the published endpoint over MCP, A2A, HTTPS, or another protocol declared in the record.
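The checks a discovering agent makes before connecting can be sketched as follows. This is an added example, not DNS-AID project code. It assumes the label layout seen in the single example name above, takes the validating resolver's DNSSEC result as a boolean, handles only DANE-EE (usage 3) with selector 0 from RFC 6698, and uses constructed sample bytes in place of a real certificate.

```python
import hashlib
import hmac
from dataclasses import dataclass

@dataclass(frozen=True)
class Tlsa:
    usage: int      # 3 = DANE-EE (RFC 6698)
    selector: int   # 0 = full certificate, 1 = SubjectPublicKeyInfo
    mtype: int      # 0 = exact match, 1 = SHA-256, 2 = SHA-512
    data: bytes     # certificate association data

def parse_agent_name(fqdn):
    """Split '_<agent>._<protocol>._agents.<zone>' (layout assumed from the page's example)."""
    labels = fqdn.rstrip(".").lower().split(".")
    if len(labels) < 4 or labels[2] != "_agents":
        raise ValueError("not an _agents name: " + fqdn)
    if not all(l.startswith("_") and len(l) > 1 for l in labels[:2]):
        raise ValueError("agent and protocol labels must start with '_'")
    return {"agent": labels[0][1:], "protocol": labels[1][1:],
            "zone": ".".join(labels[3:])}

def tlsa_matches(rec, cert_der):
    """RFC 6698 matching for selector 0 (whole certificate) only."""
    if rec.selector != 0:
        return False  # SPKI extraction needs an X.509 parser; not covered here
    if rec.mtype == 0:
        presented = cert_der
    elif rec.mtype == 1:
        presented = hashlib.sha256(cert_der).digest()
    elif rec.mtype == 2:
        presented = hashlib.sha512(cert_der).digest()
    else:
        return False  # unknown matching type: reject
    return hmac.compare_digest(presented, rec.data)

def may_connect(dnssec_validated, tlsa_rrset, cert_der):
    """Fail closed: reject unsigned answers and certificates with no matching TLSA."""
    if not dnssec_validated:
        return False
    return any(r.usage == 3 and tlsa_matches(r, cert_der) for r in tlsa_rrset)

# Constructed sample data, standing in for a DER certificate and its TLSA RRset.
SAMPLE_CERT = b"constructed-stand-in-for-DER-certificate-bytes"
SAMPLE_RRSET = [Tlsa(3, 0, 1, hashlib.sha256(SAMPLE_CERT).digest())]
```

The point to notice is the ordering: the DNSSEC result is checked first, because a TLSA record from an unsigned answer proves nothing about the endpoint's certificate.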

Reference implementation and backends

The project ships a reference implementation with a Python SDK, a command-line interface, and an MCP server. Eight backends are included, covering Amazon Route 53, Cloudflare, Infoblox NIOS and UDDI, Azure DNS, Google Cloud DNS, NS1, and a self-hosted BIND9 option. A Docker Compose setup with a local BIND9 server lets developers test the tools on their own machines.

Backing and intended uses

Initial members include Cloudflare, CSC, Equinix, GoDaddy, IDC, Indeed, Infoblox, Internet Systems Consortium, and WWT.

Documented use cases cover cross-organization agent collaboration, research consortiums that publish agents under university domains, multi-tenant SaaS platforms that isolate customers through DNS zone delegation, and lightweight agents on edge and IoT devices.

“The agentic internet is going to be built on the same DNS and public-CA infrastructure that carried the human web for 30 years, and that works because no single operator owns it. DNS-AID gives agent discovery a neutral DNS-layer protocol any resolver can implement. The Agent Name Service open standard then adds a layer of verification and identification any agent can use. Both standards compose with whatever sits above them at the application layer. DNS-AID and Agent Name Service at the Linux Foundation are part of a broader move toward open, interoperable building blocks for the evolving internet. The standards that succeed at internet scale are the open ones, well operated,” said Scott Courtney, VP, Engineering, GoDaddy.

The code is open for contributions on GitHub.
