AI & Open Standards · Open Source
The Standard for Trusted AI Agents
Agent Definition Language (ADL) is an open specification that gives AI agents a structured, verifiable identity — the governance document that lets organizations say yes to AI with confidence.
The Problem ADL Solves
Organizations are deploying AI agents faster than their governance frameworks can keep up. Security teams are asked to approve agents they cannot inspect. Compliance officers are mapping capabilities to frameworks they were never designed to handle. CISOs are being handed risk without the tools to assess it.
ADL was created to close that gap. Before building the specification, Terry Nederveld researched the existing landscape — agent cards, tool registries, identity protocols, compliance frameworks — and found that nothing addressed the full picture: identity, permissions, lifecycle, and compliance in a single, machine-readable document.
ADL is that document. It functions as an agent passport — a structured, verifiable record that contains everything a governance team needs to evaluate, authorize, and audit an AI agent before and after deployment.
Status
Draft specification · Provisional patent filed · RFC submitted to IETF
Origin
Created by Terry Nederveld, co-founder of Ironstead Group
License
Open source · Vendor neutral · Runtime agnostic
Standards Process
Submitted to the Internet Engineering Task Force (IETF) for RFC consideration
Sponsor
Ironstead Group LLC
What ADL Defines
Six core capabilities that together give organizations complete governance coverage for AI agent deployments.
Cryptographic Identity
Every agent gets a verifiable, tamper-evident identity using W3C Decentralized Identifiers (DIDs) and attestation support — so you always know which agent is acting, and you can prove it.
Permission Boundaries
ADL enforces deny-by-default permission scoping. Agents declare exactly what they can access, and nothing more. Governance teams can review, approve, and revoke permissions without touching agent code.
Lifecycle Tracking
Agents have explicit lifecycle states — draft, active, deprecated, sunset — with timestamps and transition rules. Organizations can manage fleets of agents with the same rigor applied to software deployments.
Compliance Mappings
Built-in mappings to NIST 800-53, SOC 2 Type II, ISO 27001:2022, and the EU AI Act. Compliance teams get the language they already speak, applied directly to AI agents.
Interoperability
ADL is designed to work alongside existing standards: MCP configurations, A2A Agent Cards, OpenAPI specifications, and W3C DIDs. It complements your stack rather than replacing it.
Vendor Neutral
The specification is runtime-agnostic and provider-neutral. Whether you run agents on Claude, GPT, Gemini, or a self-hosted model, ADL works the same way.
Built for the Frameworks You Already Use
ADL doesn't ask compliance teams to learn a new framework. It maps directly to the standards organizations already operate under, translating AI agent characteristics into the language auditors and regulators recognize.
NIST 800-53
Federal security controls for information systems
SOC 2 Type II
Trust service criteria for security and availability
ISO 27001:2022
International information security management standard
EU AI Act
European Union risk-based AI regulation framework
Origin & Sponsorship
Agent Definition Language was conceived and authored by Terry Nederveld, co-founder of Ironstead Group. The specification emerged from a firsthand understanding of what enterprise organizations actually need to govern AI agents responsibly — and a recognition that the existing tools weren't providing it.
Ironstead Group is the primary sponsor of the ADL open source project, providing the resources and direction needed to move the specification through the standards process and into real-world adoption. The project is open to contributors and organizations who want to help shape the future of AI governance.