Tyche Institute URI Registry · Service type identifier

AgentRuntimeEndorser

https://uri.eatf.eu/TrstSvc/Svctype/AgentRuntimeEndorser
Registered2026-07-16 (version 1.0, current)
Registered byTyche Institute (Estonian non-profit research association, registry code 80673227), Tallinn, Estonia — scheme operator of the EATF Research Interoperability Scheme
BasisETSI TS 119 612 V2.4.1, clause 5.5.1.0, value (d): “any other URI value registered and described by the scheme operator or another entity”; Annex D.3 (Scheme registered URIs)
Related TSL fieldService type identifier (clause 5.5.1)
Machine-readablemeta.json

Description

A service endorsing autonomous agent runtimes. An AgentRuntimeEndorser

  1. appraises hardware-rooted runtime attestation evidence for an autonomous software agent — for example, TPM quotes appraised into an EAT Attestation Result under the IETF Remote ATtestation procedureS (RATS) architecture (RFC 9334);
  2. verifies the mandate under which the agent is authorised to act, including the identity of the mandating party and the scope of the delegated authority; and
  3. issues machine-verifiable endorsement attestations — for example, MachineMandate credentials presented over OpenID for Verifiable Presentations — that cryptographically bind the attested runtime to that mandate.

Trusted-list semantics

When a trusted list conforming to ETSI TS 119 612 lists a service under this service type identifier, a relying-party verifier shall accept an endorsement attestation only if all of the following hold:

A cryptographically valid signature from an issuer not listed in this role is not sufficient: authority traces to the root of the trusted list, not to possession of a key. Listing under a different service type (for example, …/Svctype/CA/QC) does not authorise agent-runtime endorsement.

Rationale

No service type defined in ETSI TS 119 612 V2.4.1 (clauses 5.5.1.1–5.5.1.3) identifies a service that endorses an autonomous agent runtime on the basis of runtime attestation evidence. This identifier closes that gap for research and interoperability purposes. A reference implementation — a role-aware trusted-list validator and an end-to-end pipeline welding a live hardware-attestation verdict into a wallet-issued MachineMandate — is published as the EUDI verifier bench (Zenodo, 2026).

History

Earlier proof-of-concept artifacts (including the EUDI verifier bench release of 2026-07-01) used the string http://uri.etsi.org/TrstSvc/Svctype/AgentRuntimeEndorser/Q as an explicitly illustrative placeholder. That string lies under the ETSI-registered radix and was never a registered ETSI type; it should not be used. The URI defined on this page is the canonical identifier as of 2026-07-16.

Scope and legal effect

This service type is published for research and interoperability experimentation within the EATF Research Interoperability Scheme. It is not a trust service type defined in Regulation (EU) No 910/2014, it does not appear in any EU Member State trusted list, and a listing under it confers no legal effect and no “qualified” status. Tyche Institute publishes research specifications and reference implementations; it does not provide trust services and does not operate as a trust service provider.