Three Questions, Not One

When an agent acts in the world, three questions arise. The entire market treats them as one question. They're not — and the one that matters most is the one almost nobody is answering. When an agent acts in the world — sends an email, makes a purchase, accesses data, signs a contract — three questions arise. Everyone treats them as one question. They're not. Question One: Which Agent? Identity. This is solved. API keys, OAuth tokens, agent IDs, session credentials. Every platform answers this. This request came from Agent X, running on behalf of User Y. The tooling is mature. The protocols exist. There's nothing novel about establishing which agent made a request. This is solved infrastructure, the same way DNS is solved infrastructure — you could build a better version, but nobody needs you to. Question Two: Authorized by Whom? Delegation. This is partially solved. RBAC says agents in this role can do X. ABAC says agents with these attributes in this context can do Y. Policy engines