Writer: Jordan Sprogis
Editor: Lillian Castro
Reviewer: Cristian Lopez
Key Takeaways
- The internet’s bot problem is getting out of hand, but GoDaddy thinks it has a fix with a new AI identity system that can authenticate agents and monitor their interactions.
- Built on the same trust model as SSLs, the framework could change how the web — including hosting providers — manage their own and their clients’ automated traffic.
Hosting giant GoDaddy hopes to put a stop to the hosting stack’s biggest headache: unverified AI agents. In a recent announcement, the company said it’s launching an identity system that is designed to identify where AI agents are coming from and keep agent-to-agent interactions clean.
What’s interesting about it is that it builds on the same public key infrastructure (PKI) that SSL certificates rely on. It’s just that GoDaddy’s taking those standards and molding them to fit agentic AI. It’s a simple idea but it’s one that could absolutely reshape how hosts handle bot traffic.
“As AI agents start communicating with one another, a major challenge is suddenly emerging: there is currently no standard for distinguishing legitimate agents from unvetted or malicious ones, nor enforcing the integrity of agent-to-agent interactions,” the company wrote in its announcement.
It’s as Travis Muhlestein, GoDaddy’s CTO of Product & AI, put it: “The AI agentic space is a lot like the ‘Wild West’ of the early internet.” With so few rules in place, people start to test the limits just to see how far they can go. And that has left the internet without a sheriff. Until now, that is.
Welcome to the Agentic Era
Hosts already know how easily agentic AI can slip through the cracks and be turned against them. GoDaddy’s goal is to make sure its clients can verify who’s on the other side of the door before blindly letting them in and hoping for the best.
At its core, the system takes from the concept of the Agent Name Service — basically an agentic directory/registry system. Think of it as the Yellow Pages for the AI agents.
So, every agent that comes through a site gets asked: Is it verified, in good standing, and do we know where it came from? Think of that like having your passport stamped at Customs.
Let’s take a look at a few instances that show some sort of filtering or verification system is desperately needed:
- Attackers have released fake versions of major AI assistants that look like legitimate chatbots but are really there to cause mayhem, from data scraping to embedding malware. A WIRED story from 2023 talks about “fleeceware,” or ChatGPT-style clone scams that infiltrated the App Store and Google Play stores.
- AI agents are also able to fake news. Known as “deepfaking,” they pose as humans who push questionable information or make high-risk requests (like the Chinese company whose CEO was deepfaked). Studies also warn that AI bots can use propaganda or purposely spread disinformation on political content. That’s something we witnessed during the U.S. 2024 election cycle.
- Research also shows that in systems with multiple agents, it can take just one compromised agent to inject harmful actions that spread across the network like wildfire. This kind of agent “hijacking” is becoming a common method for prompt-based attacks.
GoDaddy’s framework could close one of the biggest blind spots in web infrastructure — if it works, that is.
The company is currently working to make sure the registry will be platform/protocol-agnostic. It will be available via early access in a few weeks, and interested developers can try it before public rollout.
