The rapid proliferation of AI agents—autonomous software entities that perform tasks, interact with users, and collaborate with other agents—has created a pressing need for a reliable, open, and scalable mechanism to discover where these agents are and how to communicate with them. Currently, numerous proprietary agent registries exist, each with its own protocols, trust models, and access controls. The Linux Foundation, a nonprofit organization that hosts many of the open-source projects underpinning modern technology, believes the solution is already in place: the Domain Name System (DNS), the distributed directory that powers the internet.

On May 29, 2026, the Linux Foundation announced the DNS-AID project, an open standard that uses DNS as a global, vendor-neutral directory for AI agents. The proposal leverages the existing infrastructure of DNS, requiring no new hardware, protocols, or trust anchors. Instead, domain owners would create a well-known address—_index._agents.{domain}—that serves as a starting point for agents seeking to discover other agents or Model Context Protocol (MCP) servers within that domain. This approach, the foundation argues, ensures that agent discovery remains scalable, secure, and compatible with the underlying protocols of the internet.

The DNS-AID project is still in its early stages, and many technical details remain to be finalized. However, the core idea is straightforward: just as DNS maps human-readable domain names to IP addresses, DNS-AID maps domain names to the locations and capabilities of AI agents. An agent looking for a payment processing agent at a particular company could query the DNS for _index._agents.example.com and receive a DNS record listing available agents, their endpoints, supported protocols, and public keys for verification. This eliminates the need for a centralized registry or a proprietary discovery service.

Jim Zemlin, CEO of the Linux Foundation, emphasized the importance of open infrastructure in a statement accompanying the announcement. “AI agents are quickly becoming the connective tissue of the modern internet, but without secure, open discovery infrastructure, that connectivity becomes a liability,” he said. “DNS-AID helps anchor agent discovery in the DNS infrastructure that the internet already trusts.”

Background and Origins

The DNS-AID standard was initially developed by staff at Infoblox, a company known for its network control and DNS security solutions. Infoblox engineers recognized that the challenges of agent discovery mirrored earlier challenges in email server discovery (MX records) and service discovery (SRV records). They proposed extending DNS with a new record type specifically designed for AI agents. The latest internet draft of the proposal includes contributions from Deutsche Telekom and Amazon, indicating broad industry interest. The Linux Foundation intends that DNS-AID will remain vendor-neutral, governed by an open community process similar to other foundation projects like Kubernetes or the Linux kernel.

The timing of DNS-AID’s announcement reflects the explosion of AI agent adoption. According to industry analysts, the number of active AI agents—from customer service bots to autonomous coding assistants—is expected to grow from hundreds of thousands in 2025 to billions by 2030. Without a universal discovery mechanism, agents would remain siloed, unable to interoperate, verify each other’s identities, or securely exchange data. This fragmentation could hinder the vision of an “agent internet,” where agents collaborate seamlessly across organizational boundaries.

How DNS-AID Works

At a high level, DNS-AID defines a new DNS resource record type (provisionally named “AGENT” or “AIAGENT”) that contains metadata about an AI agent. The key innovation is the use of a well-known service name, analogous to the way SMTP uses _smtp._tcp for mail servers. For AI agents, the service name is _agents and the protocol is left intentionally flexible—agents can communicate via HTTPS, WebSocket, gRPC, or any other protocol they choose. The DNS query returns a set of records that include:

• The agent’s endpoint (e.g., https://agent1.example.com:443)
• The capabilities it supports (e.g., payment processing, natural language understanding, data analysis)
• Its public key or certificate hash for verification
• The version of the DNS-AID schema in use

For security, the DNS-AID proposal mandates the use of DNSSEC (DNS Security Extensions) to ensure that the records have not been tampered with during transmission. Since DNSSEC is already widely deployed for domain names, this adds no new overhead. Additionally, agents can use the DNS-AID records to authenticate each other by comparing the public key in the DNS response with the key presented during the connection setup.

The Model Context Protocol (MCP) is a related standard that defines how AI agents describe their capabilities and context. DNS-AID can serve as the discovery layer for MCP servers, allowing agents to find servers that match their task requirements. For example, an agent needing a travel booking service could query _index._agents.travelcompany.com, receive a list of MCP servers, and then negotiate the details of the interaction using MCP messages.

Industry Implications and Challenges

DNS-AID’s reliance on existing DNS infrastructure means that adoption could be rapid, at least among organizations that already manage DNS for their domains. However, there are challenges. First, the standard is still a draft; it must pass through the Internet Engineering Task Force (IETF) as an informational or standards-track RFC. The IETF process can take months or years. Second, DNS-AID requires that domain owners maintain accurate and up-to-date agent records. Stale or incorrect records could lead to failed connections or security breaches. The Linux Foundation plans to publish best practices for agent lifecycle management alongside the standard.

Another challenge is the scalability of DNS queries for millions of agents. Current DNS infrastructure handles billions of queries per day for web traffic, but agent discovery could add a new dimension of load, especially if agents query recursively for every interaction. The proposal suggests caching with short time-to-live (TTL) values to balance freshness and performance. Additionally, the use of anycast DNS servers can distribute load globally.

From a competitive standpoint, DNS-AID poses a threat to commercial agent registries offered by companies like Salesforce, Microsoft, and other platform vendors. These proprietary solutions provide fine-grained access control, analytics, and integration with their ecosystems. However, the Linux Foundation argues that the internet’s history shows that open, decentralized standards—like DNS itself—ultimately win over proprietary directories, as they lower barriers to entry and foster innovation. The involvement of Amazon (a major cloud provider) and Deutsche Telekom (a leading telecom) suggests that large players see strategic value in an open standard that can interconnect their services.

The announcement also highlights a broader trend: the convergence of AI and internet infrastructure. Just as the web needed HTTP, HTML, and DNS to flourish, the agent ecosystem requires common protocols for discovery, identity, and communication. DNS-AID addresses the discovery piece; MCP addresses capability description; and emerging standards like OAuth 2.0 for agent authentication fill the identity gap. The combination of these standards could enable a truly open agent economy.

Technical Deep Dive: The DNS-AID Record Structure

While the exact format is still under development, the internet draft suggests a structured DNS TXT record or a new resource record containing a JSON payload. A simplified example of a DNS-AID record might look like:

_index._agents.example.com. 3600 IN AGENT "agent1.example.com:443"
  "capabilities": ["payment


Source: InfoWorld News