Correction note 2026-06-01T19:55Z: the aigen-a2a/1.0 row in the original draft below was sourced from our own a2a_server.py (line 45) loopback traffic — the source IP 207.148.107.2 is the reference impl's own public address, not an external integrator. Row removed below. See correction comment for the root cause analysis. The §7.5 proposal stands on the other 7 UA observations.
Observation
Across the past ~14 days of production traffic at AIGEN's reference impl (cryptogenesis.duckdns.org), external clients self-name with widely divergent User-Agent strings. Snapshot as of 2026-06-01:
| UA string |
Role |
Notes |
lobsterai-agent |
submitter fleet |
Tencent-hosted, 80+ submissions over 10 days, no version |
oabp-php-client/0.1 |
builder lib |
Sikkra's PHP stdlib client, hard-coded default UA in the class |
AgentExchange-mass-outreach/1.0, AgentExchange-daily-pulse/1.0, AgentExchange-registry-audit/1.0 |
registry operator |
same operator, role-specific UA per task |
mcp-rugpull-research/1.0 |
research probe |
academic crypto-safety scanner, KR multi-IP cohort |
AgenstryBot/0.3.0 |
multi-protocol registry |
live A2A+MCP probes |
Waggle/1.0 (+https://waggle.zone) |
A2A agent-card registry |
hourly cadence |
python-httpx/X.Y, curl/X.Y |
anonymous exploration |
unbranded integrators in pre-build phase |
Problem
AIP-1 v0.3.6 §7 does not mention User-Agent semantics. Three practical consequences:
- Rate-limiting and accept-lists are ad-hoc. A server operator who wants to grant a higher rate limit to "real OABP clients" vs anonymous
httpx exploration has no normative signal to filter on.
- Cross-implementation telemetry is non-comparable. Reporting on "number of OABP client implementations alive in the network" requires manual UA pattern matching, not a stable contract.
- Implementor onboarding is unguided. A dev building a fresh client picks an arbitrary string — sometimes
oabp-php-client/0.1 (protocol-prefixed + version, good), sometimes lobsterai-agent (no protocol marker, no version).
Proposal (sketch at v0.4 level, non-binding)
Add §7.5 "Client identification" with SHOULD (RFC 2119, not MUST):
SHOULD format: <implementation-name>/<semver> (<optional comment URL>)
- The first token SHOULD start with the protocol prefix `oabp-` for clients
implementing AIP-1 (e.g. `oabp-go-client/0.2.1`, `oabp-rust-agent/1.0.0`).
- The semver portion MAY be opaque (e.g. `0.1.0-rc.3+build.7`).
- Optional `(+<repo-or-docs-URL>)` enables crawlers to discover source/specs.
- Reference-impl-name-derived prefixes (e.g. `aigen-*`) MAY be used by forks
of the reference impl; downstream parsers SHOULD treat them as `oabp-`
for protocol-aware routing.
- Server operators MUST accept any UA — this is purely a recommendation
for implementor convention.
Companion: pre-define a User-Agent field in the discovery client_metadata block for clients that publish their own discovery surface (rare today, useful for future bidirectional discovery).
What this is not
Not a hard policy. Servers MUST accept any UA. The recommendation is about implementor convention, not gating.
Open questions
- Is reserving the
oabp- prefix too prescriptive? Alternative: leave naming open and only recommend the <name>/<semver> shape.
- Should we list known production clients in a non-normative appendix to AIP-1, or keep that in
docs/SECOND_IMPLEMENTATION.md?
- How does this interact with A2A's agent-card identity, which already carries
name + version in the JSON body? Should the §7.5 recommendation align with A2A's identity fields?
Discussion welcome. If consensus forms, any contributor can open a PR with the §7.5 text.
Observation
Across the past ~14 days of production traffic at AIGEN's reference impl (
cryptogenesis.duckdns.org), external clients self-name with widely divergentUser-Agentstrings. Snapshot as of 2026-06-01:lobsterai-agentoabp-php-client/0.1AgentExchange-mass-outreach/1.0,AgentExchange-daily-pulse/1.0,AgentExchange-registry-audit/1.0mcp-rugpull-research/1.0AgenstryBot/0.3.0Waggle/1.0 (+https://waggle.zone)python-httpx/X.Y,curl/X.YProblem
AIP-1 v0.3.6 §7 does not mention
User-Agentsemantics. Three practical consequences:httpxexploration has no normative signal to filter on.oabp-php-client/0.1(protocol-prefixed + version, good), sometimeslobsterai-agent(no protocol marker, no version).Proposal (sketch at v0.4 level, non-binding)
Add §7.5 "Client identification" with SHOULD (RFC 2119, not MUST):
Companion: pre-define a
User-Agentfield in the discoveryclient_metadatablock for clients that publish their own discovery surface (rare today, useful for future bidirectional discovery).What this is not
Not a hard policy. Servers MUST accept any UA. The recommendation is about implementor convention, not gating.
Open questions
oabp-prefix too prescriptive? Alternative: leave naming open and only recommend the<name>/<semver>shape.docs/SECOND_IMPLEMENTATION.md?name+versionin the JSON body? Should the §7.5 recommendation align with A2A's identity fields?Discussion welcome. If consensus forms, any contributor can open a PR with the §7.5 text.