The internet works because DNS tells browsers where to go. But agent discovery — why AI agents need a version of this same routing logic — is a question most people haven’t seriously considered yet. Autonomous AI agents are multiplying fast. They need to find each other, negotiate capabilities, and route requests without a human babysitting every handoff.
Right now, that’s basically impossible at scale.
There’s no phone book for AI agents. No universal registry. No standardized way for one agent to say, “I need a coding assistant that speaks Python and handles async tasks.” Consequently, we’re building an entire ecosystem of intelligent software on top of infrastructure that doesn’t actually exist yet — and that’s a problem nobody’s talking about loudly enough.
This piece goes beyond naming and discovery basics. It unpacks the routing infrastructure problem — the messy, underspecified layer between finding an agent and actually executing a task. Specifically, it examines what ARD (Agent Registry and Discovery) is attempting to build and why it matters for the full agent infrastructure stack.
The DNS Analogy: Why Agents Need a Discovery Layer
DNS — the Domain Name System — is one of the internet’s oldest and most critical protocols. You type a URL, DNS translates it into an IP address, your browser connects. Simple. However, that simplicity hides enormous complexity underneath. Developers take DNS for granted until something breaks, and agents are about to repeat that same mistake.
AI agents face a remarkably similar challenge. They need to:
- Find other agents or services that match their needs
- Verify that those agents can actually do what they claim
- Route requests to the right endpoint efficiently
- Negotiate protocols, authentication, and data formats
Traditional DNS handles none of this. It maps names to addresses — that’s it. Agent discovery requires something far richer — a system that understands capabilities, trust levels, versioning, and real-time availability.
Moreover, the stakes are completely different from a bad DNS lookup. When your browser hits a broken DNS entry, you get an error page and move on. When an autonomous agent routes to the wrong service, it might run harmful actions, leak sensitive data, or burn through expensive compute before anyone notices. Therefore, agent discovery — why AI agents need a version of DNS that’s purpose-built for this — isn’t just a nice architectural idea. It’s a hard requirement.
The Internet Engineering Task Force (IETF) has spent decades refining DNS through RFCs and rigorous standards processes. Agent discovery needs that same rigor — but it also needs to move faster, because agents aren’t waiting for committees to catch up.
How Agent-to-Agent Routing Actually Works Today
Honestly? Today’s agent routing is a mess. Most multi-agent systems use one of three approaches, and none of them scale worth a damn.
Hardcoded endpoints. The simplest approach. Agent A knows Agent B lives at a specific URL. This breaks immediately when you add a third agent, and it’s brittle by design — if Agent B goes down, Agent A has no fallback whatsoever.
Central orchestrators. Frameworks like LangChain and AutoGen use a central coordinator that knows about all available agents and routes tasks accordingly. It works for small systems. Nevertheless, it creates a single point of failure and a bottleneck that gets worse as your agent count grows. This pattern collapses under load in ways that are genuinely painful to debug.
Manual registries. Some teams maintain spreadsheets or config files listing available agents. This is surprisingly common in enterprise settings — and yes, actual spreadsheets. It’s also obviously unsustainable the moment your system crosses a certain threshold of complexity.
Here’s a comparison of these approaches:
| Approach | Scalability | Fault Tolerance | Discovery | Maintenance |
|---|---|---|---|---|
| Hardcoded endpoints | Very low | None | Manual | High |
| Central orchestrator | Medium | Low | Semi-auto | Medium |
| Manual registry | Low | None | Manual | Very high |
| DNS-style discovery (ARD) | High | Built-in | Automatic | Low |
The gap in that table tells the whole story. Agent discovery — why AI agents need a version of automated, decentralized routing — becomes obvious the second you see how primitive current solutions actually are. Additionally, none of these approaches handle capability matching. They know where agents are. Not what they can do. And that distinction is the real kicker.
What ARD Is Trying to Build — And Why It’s Hard
ARD — Agent Registry and Discovery — represents one of the most ambitious attempts to solve this problem. It’s building what you might call “DNS for agents,” but that label honestly undersells the complexity involved.
The registry component works like a directory. Agents register themselves with metadata: what they do, what protocols they support, what authentication they require, and what their current status is. Think of it as a yellow pages where every listing includes a detailed capabilities manifest. Getting agents to self-report accurately, however, is harder than it sounds.
The discovery component handles search and matching. When Agent A needs help with image processing, it queries the registry, and the registry returns a ranked list of agents that match. Importantly, this ranking considers factors DNS never had to worry about:
- Capability alignment — Does the agent actually do what’s needed?
- Trust score — Has this agent been verified? By whom?
- Latency and availability — Is it online and responsive right now?
- Cost — What does this agent charge per request?
- Protocol compatibility — Can these two agents actually talk to each other?
Furthermore, ARD needs to handle versioning. Agents update constantly. An agent that worked perfectly yesterday might have a completely different API today. Consequently, the discovery layer must track versions, deprecation schedules, and backward compatibility across a potentially massive registry of constantly-shifting entries.
This is where the routing infrastructure problem gets genuinely thorny. Discovery is step one. Routing — actually connecting two agents and managing their interaction — is step two. And step two involves authentication handshakes, payload formatting, error handling, and session management. ARD is attempting to standardize all of this simultaneously.
Meanwhile, Google’s Agent2Agent (A2A) protocol tackles a related but distinct piece of the puzzle. A2A focuses on interoperability between agents from different vendors. ARD focuses on finding the right agent in the first place. Both are essential. Neither is sufficient alone.
The Routing Infrastructure Layer Nobody Talks About
Most discussions about agent discovery stop at naming and lookup. That’s a mistake. The real complexity lives in the routing layer — the infrastructure sitting between “I found an agent” and “the task is actually done.”
Consider what happens after discovery:
- Authentication. Agent A needs to prove its identity to Agent B. This requires shared credential standards, certificate authorities for agents, or token-based auth systems that don’t yet exist in any standardized form.
- Capability negotiation. Agent A says, “I need you to summarize this document.” Agent B responds, “I can do that, but only for PDFs under 50 pages.” This negotiation must happen in milliseconds, not minutes.
- Payload routing. The actual data needs to travel between agents securely — encryption, compression, format standardization, the works.
- Error recovery. If Agent B fails mid-task, the routing layer needs to detect the failure, find an alternative, and retry without human intervention. Automatically. Every time.
- Load balancing. If 10,000 agents all want the same popular service agent at once, the routing layer must distribute requests intelligently or the whole thing falls over.
Similarly to how Cloudflare built infrastructure layers on top of DNS for web traffic — caching, DDoS protection, smart routing — agent infrastructure needs its own middleware stack. ARD is positioning itself to provide some of these layers. However, the full stack remains largely unbuilt, which is both the challenge and the opportunity.
Agent discovery — why AI agents need a version of this routing infrastructure — ultimately comes down to autonomy. Humans can troubleshoot a failed API call. Agents can’t — or at least shouldn’t have to. The routing layer must be self-healing, self-optimizing, and self-securing by default.
Notably, the OpenAPI Specification already provides a solid standard for describing REST APIs. Agent discovery systems could build directly on this foundation rather than starting from scratch. ARD and similar projects are essentially extending OpenAPI-style descriptions with agent-specific metadata: trust scores, pricing, real-time status, and capability attestation. It’s a smart starting point, even if the destination is much further out.
Security, Trust, and the Agent Identity Problem
You can’t have robust agent discovery without solving identity first. And agent identity is fundamentally different from human identity or even device identity.
The impersonation problem. What stops a malicious agent from registering itself as “GPT-4 Turbo” in a discovery registry? Without strong identity verification — nothing. This is DNS poisoning, but for AI agents, and the consequences could be severe. Imagine a rogue agent intercepting sensitive financial data by pretending to be a trusted analysis service. That’s not a hypothetical edge case. That’s a foreseeable attack vector.
The trust chain problem. Even if agents are who they claim to be, how do you establish trust? Human trust relies on reputation, contracts, and legal accountability. Agent trust needs cryptographic verification, behavioral auditing, and capability attestation — none of which have mature standards yet.
ARD addresses this through several mechanisms:
- Cryptographic agent IDs — Each agent gets a unique, verifiable identifier tied to its publisher
- Publisher verification — The organization deploying an agent must verify its own identity first
- Capability attestation — Third parties can vouch for an agent’s claimed abilities
- Behavioral monitoring — Runtime checks ensure agents actually behave as advertised, not just at registration time
Additionally, there’s the authorization problem — and this one’s easy to overlook. Even fully trusted agents shouldn’t access everything. The routing layer needs fine-grained permissions. Agent A might be authorized to request text summarization from Agent B but not code execution. That distinction matters enormously in production systems handling sensitive data.
Although blockchain-based identity systems have been proposed for this, most practical implementations lean on traditional PKI — Public Key Infrastructure — approaches. The key insight is that agent discovery — why AI agents need a version of solid identity infrastructure — isn’t just about finding agents. It’s about finding agents you can actually trust, with cryptographic receipts to prove it.
NIST’s cybersecurity framework provides genuinely useful guidelines here. Its identity and access management principles translate surprisingly well to agent systems, even though they weren’t designed with autonomous AI in mind.
What the Future Stack Looks Like
So where’s all this heading? The agent infrastructure stack is forming rapidly — sometimes chaotically — and here’s what the layers look like when you zoom out:
- Layer 1: Agent identity — Cryptographic IDs, certificates, verification
- Layer 2: Agent registry — Capability descriptions, metadata, versioning
- Layer 3: Agent discovery — Search, matching, ranking
- Layer 4: Agent routing — Authentication, negotiation, connection
- Layer 5: Agent communication — Protocols, payload formats, error handling
- Layer 6: Agent orchestration — Task decomposition, workflow management
ARD is primarily tackling layers 2 and 3. Google’s A2A protocol targets layers 4 and 5. Orchestration frameworks like CrewAI handle layer 6. Layer 1 remains the most fragmented, with no clear winner emerging yet — and that gap makes everything above it shakier than it should be.
Importantly, these layers must work together cleanly. A discovery system that can’t hand off to a routing system is useless. A routing system that skips identity verification is dangerous. And a stack with gaps in the middle fails in ways that are genuinely hard to diagnose.
The companies and open-source projects that figure out agent discovery — why AI agents need a version of integrated, full-stack infrastructure — will shape how autonomous AI actually functions in practice. This isn’t theoretical anymore. Enterprises are already deploying multi-agent systems right now, and they need this infrastructure yesterday. Many teams are building production agent workflows on top of duct-tape solutions they’re not proud of, because the proper infrastructure simply doesn’t exist yet.
Conversely, if we don’t build these layers correctly — with real standards and interoperability baked in — we’ll end up with fragmented agent ecosystems that can’t talk to each other. Thousands of capable agents, siloed and isolated. That’s the worst-case outcome, and it’s more plausible than most people want to admit.
Conclusion
The question of agent discovery — why AI agents need a version of DNS-like infrastructure — is no longer hypothetical. Agents are here, they’re multiplying, and they desperately need standardized ways to find, verify, and route to each other. The gap between where we are and where we need to be is significant, and the clock is running.
ARD represents one of the most promising efforts to close that gap. It tackles the registry and discovery layers while pointing toward solutions for routing, trust, and identity. Nevertheless, the full stack remains incomplete. Significant work lies ahead in security, interoperability, and standardization — and the organizations that engage with that work early will be in a dramatically better position than those who wait.
Here are actionable next steps if you’re building in this space:
- Track ARD’s development and test its registry APIs as they mature — don’t wait for a stable release to start experimenting
- Adopt OpenAPI-style capability descriptions for your agents now, because they’ll translate directly to discovery registries later
- Implement cryptographic agent IDs even before standards solidify — retrofitting identity is painful
- Design your agents for discoverability from day one — expose clear metadata about capabilities, versioning, and pricing
- Plan for multi-protocol support — your agents will need to speak A2A, ARD, and whatever else emerges from the standards process
Bottom line: the agent discovery infrastructure race is just getting started. The organizations that invest in it early — even imperfectly — will have a real advantage when autonomous agent ecosystems become the norm. And that day is coming faster than most roadmaps currently assume.
FAQ
What is agent discovery, and why do AI agents need their own version of DNS?
Agent discovery is the process by which AI agents find, evaluate, and connect to other agents or services. AI agents need their own version of DNS because traditional DNS only maps domain names to IP addresses — full stop. Agents require richer information: capabilities, trust levels, real-time availability, and pricing. Therefore, a purpose-built discovery system isn’t optional for autonomous agent communication. It’s foundational.
How does ARD differ from traditional DNS?
ARD goes far beyond simple name-to-address mapping. It includes capability descriptions, trust verification, real-time status monitoring, and version tracking — none of which DNS was ever designed to handle. Additionally, ARD handles capability matching, so it doesn’t just tell you where an agent is, but what it can do and whether it’s actually the right fit for your task. Traditional DNS has no concept of any of this.
Can existing API gateways handle agent discovery?
Not really. API gateways like Kong or Apigee manage traffic for known, pre-configured endpoints. However, they don’t handle dynamic capability matching, trust scoring, or autonomous agent negotiation. They’re designed for human-configured, relatively static API setups — which is basically the opposite of what a multi-agent system looks like. Agent discovery requires dynamic, self-updating registries that agents themselves can query and update without human intervention.
What security risks come with agent-to-agent discovery?
The biggest risks are agent impersonation, unauthorized access, and data interception. A malicious agent could register false capabilities to intercept sensitive requests — and without strong verification, nothing stops it. Consequently, solid identity verification, cryptographic authentication, and behavioral monitoring aren’t optional add-ons. They’re critical components of any agent discovery system. Without them, the entire ecosystem is vulnerable in ways that compound quickly.
How does Google’s A2A protocol relate to agent discovery?
Google’s Agent2Agent (A2A) protocol focuses on interoperability — helping agents from different vendors communicate using shared standards. Meanwhile, agent discovery systems like ARD focus on finding the right agent in the first place. They’re complementary layers, not competing ones. A2A handles communication protocols once a connection exists; ARD handles registry and lookup before the connection is made. Both are necessary for a functional multi-agent ecosystem.
When will standardized agent discovery be widely available?
Standardization is still early innings. ARD and similar projects are actively developing, but widespread adoption likely won’t happen until major cloud providers and AI platforms integrate these standards into their existing tooling. Realistically, expect production-ready discovery infrastructure within two to three years — notably, early adopters who build with discoverability in mind today will transition far more smoothly when those standards finally land.
References
Keep reading
Here are the latest posts from the blog.
You’ve probably noticed something strange about MacBook Pro pricing. The 36 GB model and the 18 GB model have identical processors. The only difference is memory — and that d…
We’re living through one of the stranger paradoxes in tech right now. AI models can write production-ready code, flag early-stage cancers, and generate photorealistic images…
Something genuinely new is happening 550 kilometers above your head right now. Google’s Gemma 3 — a compact, open-source language model — is running inference directly aboard…