John Wunderlich, This is interesting Have a better than expected day, John Wunderlich “The law, in its majestic equality, forbids rich and poor alike to sleep under bridges, to beg in the streets, and to steal their bread.” ― Anatole France Calendly: https://calendly.com/privacycdn LinkedIn: https://www.linkedin.com/in/privacycdn/ Bluesky: https://bsky.app/profile/privacycdn.bsky.social Mastodon: https://mastodon.social/@PrivacyCDN Twitter: https://twitter.com/PrivacyCDN ---------- Forwarded message ---------- From: Eve Maler <eve@vennfactory.com> Date: Jul 15, 2026 at 17:01 -0400 To: john@wunderlich.ca Subject: A decade-old standard just got agent-shaped
A working prototype answers the question every agent protocol dodges. ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ ͏ Hi superfriend,
Almost exactly a year ago, I wrote about whether User-Managed Access (UMA) — the standard I founded and ran for years at Kantara — had anything to offer the AI agent moment. I called it Alice-to-Bob and Alice-to-Bot sharing, and left it as an open question. This week, thanks to Nick Gamb, it's not open anymore.
UMA for Agents
Every agent protocol available today answers one question: is this my agent, doing my task, accessing the right digital stuff of mine? None of them answer the harder one: is your agent allowed to touch my digital stuff?
Most identity and security thinking about agents still models the solitary case — one person, their own agent, the digital footprint they already have — when the actual shape of an agent economy is Bob's agent showing up at Alice's door, asking for a resource that's hers. Alice's brokerage dashboard at Meridian Wealth — the actual resource Bob's agent is asking to touch. Source: uma4agents project. Nick and I have spent months trading ideas on how old standards tech holds up under agentic weight, and the proof-of-concept that answers it is his — built directly out of that back-and-forth. It carries UMA 2.0 into agent-shaped mechanics, paired with Dick Hardt's AAuth for agent identity and proof-of-possession.
UMA was built for exactly this kind of asynchronous, policy-based consent — what I described last year (for those of you who remember O.G. web access management) as solving “WAM for people”: Alice gets access management controls of the sort only enterprises normally use, and Bob's agent is told how and where to ask for access instead of simply being denied.
In the demo, Alice is a brokerage client and Bob is her financial advisor. His firm's agent asks for her holdings summary: granted automatically, purpose-bound and expiring, decided against terms Alice set in advance. Her transaction history: granted too, under stricter terms she dictated. Then the agent asks to place an actual trade — Alice's policy says “ask me” — so the request pends, her phone buzzes, and she approves that one trade, and only that trade, from her couch. Every connection, every promised term, every action taken lands in her activity ledger, and she can revoke any of it, any time. Every promise, every touch, every approval — tracked live in Alice's activity ledger. Source: uma4agents project. This is at the heart of the mutual agency problem I describe in Chapter 11 of Mastering Digital Identity. For the standards backstory — requesting parties, resource owners, why delegation matters here — my year-ago post “Whither User-Managed Access in the AI agent era?” has the details. To see it just work, check out Nick's repo.
A 17-year-old sketch, made real
The prototype does one more thing worth knowing about: it implements MyTerms (IEEE Std 7012-2025), the new standard for machine-readable consent terms, extended to cover the kinds of permissions agents actually request and the terms an owner like Alice is willing to grant.
Applying MyTerms in this way descends directly from UMA's “Requesting Party Policy” concept, which I developed along with original UMAnitarians like Paul Bryan and Domenico Catalano. The UMA group was sketching resource-sharing contracts back in 2009. A 2009 mockup for fictional authorization service "CopMonkey"; the UMA group’s earliest sketch of a resource-sharing contract picker. Source: Kantara’s UMA Experience wiki page. Nick checked the prototype directly against the published 7012 standard: Alice's terms live at a stable, dereferenceable address, and both sides walk away holding the identical, signed record of exactly what was agreed.
Come find me
Here's the full roundup of stops in the next two months:
• > July 16 — Book signing, North Texas ISSA Lunch 'n' Learn, Texas Star Country Club, Euless, TX. Register on EventBrite. • > July 21 — Talk, Q&A, and book signing, Silicon Valley ISSA, NetApp offices, San Jose, CA. I'm bringing 100 complimentary copies courtesy of Cyber1Armor. Register on Luma. • > August 3 — Talk and book signing at Ross Young's CISO Retreat, Las Vegas, NV. For CISOs and Deputy CISOs only. Register at CISO Tradecraft. • > August 14 — Speaking, Kwaai.ai virtual Friday public meeting. Details here. • > September 1 — Panel and book signing, The Deepfake Summit, Washington, DC. Convened by The Prism Project and Acuity Market Intelligence. Event details.
Need identity strategy advice?
If your organization is working through the tough questions of agent access control — or any other identity strategy question — reach out. I've got some advisory capacity available starting in October. Talk to Eve about advisory work All my best, Eve
P.S. If you haven't picked up Mastering Digital Identity yet, find out where to buy it and get your free bonus chapter at the same time, at masteringdigitalidentity.com. You’re receiving this email because you signed up to hear from me. Update your preferences or unsubscribe View in browser
-- This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. If you are not the intended recipient you are notified that disclosing, copying, distributing or taking any action in reliance on the contents of this information is strictly prohibited.