GEN-Dispatch K. ATTOUMANI MOHAMED Internet-Draft D. BENJAMIN Intended status: Informational Meta-Layer Initiative Expires: 8 April 2026 October 2025 The Meta-Layer: A Coordination Substrate for Presence, Annotation, and Governance on the Web draft-meta-layer-overview-00 Abstract This document introduces the concept of a Meta-layer: a programmable coordination substrate that operates above content layers on the Internet. The Meta-layer enables communities, individuals, and agents to appear, annotate, and govern together in shared digital space, independent of underlying platforms. It is not a replacement for existing web or transport protocols, but a complementary infrastructure that integrates with them. The draft outlines the motivation, terminology, use cases, implementation model, risks, security considerations, and potential IANA registries for future work. Status of This Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at https://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." Copyright Notice Copyright (c) 2025 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/ license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. ATTOUMANI MOHAMED & BENJAMExpires 8 April 2026 [Page 1] Internet-Draft Meta-layer Overview October 2025 Status of This Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at https://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire on 4 April 2026. Copyright Notice Copyright (c) 2025 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/ license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Problem Statement . . . . . . . . . . . . . . . . . . . . . . 4 3. Relevance to the IETF . . . . . . . . . . . . . . . . . . . . 5 3.1. Applications and Real-Time (ART) Area . . . . . . . . . . 5 3.2. Security (SEC) Area . . . . . . . . . . . . . . . . . . . 5 3.3. IRTF Research Groups . . . . . . . . . . . . . . . . . . 5 3.4. General Area (GEN) . . . . . . . . . . . . . . . . . . . 6 3.5. Collaboration with W3C and Other Bodies . . . . . . . . . 6 4. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 6 5. Implementation Model . . . . . . . . . . . . . . . . . . . . 7 5.1. Browser Extensions & Presence SDKs . . . . . . . . . . . 7 5.2. Embedded Components in Web Applications . . . . . . . . . 7 5.3. Federation Across Domains . . . . . . . . . . . . . . . . 7 5.4. Trusted Execution for Agents . . . . . . . . . . . . . . 7 5.5. Open APIs & Developer Onramps . . . . . . . . . . . . . . 7 ATTOUMANI MOHAMED & BENJAMExpires 8 April 2026 [Page 2] Internet-Draft Meta-layer Overview October 2025 5.6. Progressive Deployment . . . . . . . . . . . . . . . . . 7 6. Use Cases . . . . . . . . . . . . . . . . . . . . . . . . . . 7 6.1. Safe Digital Space . . . . . . . . . . . . . . . . . . . 8 6.2. Cross-Site Knowledge & Interaction Flow . . . . . . . . . 8 6.3. Agent Containment . . . . . . . . . . . . . . . . . . . . 8 7. Risks and Mitigation . . . . . . . . . . . . . . . . . . . . 8 8. Security Considerations . . . . . . . . . . . . . . . . . . . 8 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 9 10. Normative References . . . . . . . . . . . . . . . . . . . . 9 11. Informative References . . . . . . . . . . . . . . . . . . . 9 Appendix A. Authors' Addresses . . . . . . . . . . . . . . . . . 10 1. Introduction The Internet has evolved from a document-sharing network into a global application substrate. However, it has never included a shared layer for presence, annotation, provenance, and contextual governance across domains. These functions remain fragmented, implemented in proprietary platforms or plugins, without interoperability or transparency. The idea of a higher-level coordination or annotation layer above content is not new: Vannevar Bush (1945) “As We May Think,” _The Atlantic Monthly_, introduced associative trails—linked paths of thought that presaged hypertext and the idea of connecting knowledge above documents. Ted Nelson (1965) “Complex information processing: a file structure for the complex, the changing and the indeterminate” introduced hypertext as a precursor to a cross-page meta-layer. Douglas Engelbart (1968) “The Mother of All Demos” (FJCC, San Francisco) publicly demonstrated NLS with hypertext, on-screen overlays, and view controls—effectively a layer above documents. Tim Berners-Lee (2001) “The Semantic Web,” _Scientific American_, framed a data/meaning layer on top of the Web, i.e., machine- understandable metadata layered over pages. Marc Andreessen (2012) “Why Andreessen Horowitz Is Investing in Rap Genius,” describing widespread web annotation as the “missing layer of the Internet.” ATTOUMANI MOHAMED & BENJAMExpires 8 April 2026 [Page 3] Internet-Draft Meta-layer Overview October 2025 The Meta-layer Initiative seeks to translate these longstanding conceptual foundations into open, interoperable infrastructure under IETF stewardship—turning decades of vision into a standard that integrates presence, annotation, provenance, and governance as native Internet functions. 2. Problem Statement Current IETF protocols provide robust foundations for transport (TCP, QUIC), security (TLS), and identity (OAuth, OIDC, SCIM). However, the Internet still lacks standardized primitives for: * Presence: expressing who is here, under what rules, and with what visibility. * Annotation: attaching structured meaning (claims, challenges, polls, bridges) to content across domains. * Provenance: cryptographically linking contributions to identity and context. * Governance: enabling communities to compose and enforce rules transparently. * Agent Containment: running AI and automated processes inside bounded, verifiable execution environments. Today, these behaviors exist only as fragmented features inside proprietary platforms. This results in interoperability gaps, inconsistent privacy guarantees, lack of portability, and absence of shared governance mechanisms. While the W3C Web Annotation Data Model (2017) has defined a standard format for content-level annotations, it does not address cross- domain interoperability, provenance, or rule-based governance. The Meta-layer complements W3C’s work by proposing a protocol-level substrate—capable of operating across applications and domains—where annotations, presence, and governance can interoperate securely and transparently. The absence of such a substrate has long been recognized: the ability to annotate and govern content was described as a “missing feature” of the web browser, and calls to explore a “meta-environment above the page” have been made by early Internet pioneers. As Marc Andreessen noted in “Why Andreessen Horowitz Is Investing in Rap Genius” (2012), this “missing layer” reflects a longstanding need for interoperable annotation infrastructure. ATTOUMANI MOHAMED & BENJAMExpires 8 April 2026 [Page 4] Internet-Draft Meta-layer Overview October 2025 These concepts build on the architectural vision outlined in “The Metaweb: The Next Level of the Internet” (Bridgit DAO, CRC Press/ Taylor & Francis, 2023), which introduced the concept of a “meta- layer above the webpage” as a civic and computational trust substrate. This draft operationalizes that vision for standardization within the IETF context. 3. Relevance to the IETF This work aligns with several ongoing activities across IETF Areas and external web-standard bodies. 3.1. Applications and Real-Time (ART) Area Defines application-layer primitives for presence, annotation, and overlays, complementing ongoing work such as MIMI (Messaging Interoperability) and HTTP APIs. The Meta-layer’s semantic and contextual overlay model complements W3C’s Web Annotation work by introducing interoperable signaling, provenance, and governance primitives at the Internet protocol layer. 3.2. Security (SEC) Area The Meta-layer depends on secure identity, accountability, cryptographic provenance, and trusted execution environments (TEEs). It builds upon and extends existing work in OAuth, OIDC, Privacy Pass, and SCIM for federated identity and access control; RATS (Remote ATtestation ProcedureS) and EAT (Entity Attestation Token) for verifying trustworthiness of execution environments; COSE (CBOR Object Signing and Encryption) and CFRG for cryptographic signing and post-quantum resilience; and SUIT (Software Updates for IoT) for maintaining verified code integrity within TEEs. TEEs are thus positioned as security primitives within the IETF SEC Area, ensuring that agents in the Meta-layer execute in verifiable, policy- constrained, and auditable contexts. 3.3. IRTF Research Groups The governance and AI-containment aspects of the Meta-layer overlap with ongoing research in PEARG (Privacy Enhancements and Assessments RG) and RASPRG (Research and Analysis of Standard-Setting Processes RG). The initiative can also contribute to IRTF and IAB workshops on AI accountability, provenance, and sustainable governance models. ATTOUMANI MOHAMED & BENJAMExpires 8 April 2026 [Page 5] Internet-Draft Meta-layer Overview October 2025 3.4. General Area (GEN) Since the Meta-layer crosses multiple areas (ART, SEC, OPS, IRTF), GEN-Dispatch is an appropriate venue to discuss scope and determine whether a dedicated Working Group (WG) or Research Group (RG) is warranted. 3.5. Collaboration with W3C and Other Bodies The Meta-layer aims to be complementary to ongoing efforts in W3C (e.g., Web Annotation, ActivityPub, and provenance standards) and ISO/IEC JTC1 AI frameworks, by providing a network-layer and governance substrate that ensures interoperability, accountability, and trust across ecosystems. 4. Terminology (Working definitions) Overlay Semantic/visual layer rendered above digital content, carrying presence indicators, tags, and interactions; governed by community rule modules. Smart Tag Typed, structured annotation (e.g., note, claim, challenge, poll, bridge); signed, timestamped, interactive, filterable. Bridge Semantic link connecting two pieces of content (support, challenge, context) across domains. Presence Identity expression in digital space, scoped by context and rules (visible, pseudonymous, invisible). Governance Module Composable logic defining rules for interaction, moderation, participation, and policy enforcement within an overlay. Agent Automated or semi-autonomous process (AI, bot, scripted service) operating within the Meta-layer under policy constraints. TEE (Trusted Execution Environment) Secure, attestable runtime container for agent execution, supporting constraints, logging, attestation. Provenance Verifiable origin, context, and authorship of tags/actions/agent behaviors via signed metadata and timestamps. ATTOUMANI MOHAMED & BENJAMExpires 8 April 2026 [Page 6] Internet-Draft Meta-layer Overview October 2025 5. Implementation Model The Meta-layer operates above existing content without requiring fundamental Web changes. Functions are delivered via extensions, SDKs, and open APIs. 5.1. Browser Extensions & Presence SDKs Lightweight extension or embeddable SDK renders overlays on existing sites. Overlays carry smart tags, presence, governance. Interoperable and governed by open registries (unlike closed annotation tools). 5.2. Embedded Components in Web Applications Sites integrate Meta-layer widgets or frames (e.g., a semantic sidebar in e-learning portals) via web-embed SDK. No browser installation required for end users in these contexts. 5.3. Federation Across Domains Identity, tags, and governance rules are portable. Provenance (signatures, timestamps) ensures authenticity across domains. 5.4. Trusted Execution for Agents Agents operate in bounded execution environments (e.g., TEEs) with policy-defined capabilities, rates, and auditable logs. 5.5. Open APIs & Developer Onramps APIs expose registries for tag types, badge schemas, governance modules. Third parties define new tag types, build overlays, or fork rule modules. Interop via stable identifiers (IANA-registered if standardized). 5.6. Progressive Deployment Early opt-in communities (e.g., research/fact-checking overlays). Later: native integrations once interop/security are proven. No "flag day"—coexists and incrementally extends today’s Internet. 6. Use Cases ATTOUMANI MOHAMED & BENJAMExpires 8 April 2026 [Page 7] Internet-Draft Meta-layer Overview October 2025 6.1. Safe Digital Space Federated identity, proof-of-humanity, and contextual filters enable communities to restrict participation (e.g., verified humans; scoped agent permissions) and create bot-resistant, trustable interaction zones. 6.2. Cross-Site Knowledge & Interaction Flow Smart tags and bridges make annotations portable and filterable across sites, building shared knowledge graphs with provenance. 6.3. Agent Containment Agents run in attested TEEs with logged behaviors and community- defined permissions—preventing unbounded automation and interaction while enabling useful collaboration. 7. Risks and Mitigation * Identity fraud and bots: federated identity, contextual privileges, proof-of-humanity (when needed). * Governance capture: modular rule modules, open registries, and forkable governance. * Annotation spam or overload: attention-based rendering, overlay moderation, reputation weighting, rate limits. * Privacy loss: scoped presence, pseudonymity, user-controlled visibility, data-minimizing defaults. * Fragmentation: shared registries for tag types, governance modules, and semantic formats, with room for extensions or forks. 8. Security Considerations * Identity and Authentication: leverage OAuth, OIDC, SCIM, Privacy Pass. * Cryptographic Provenance: sign and timestamp tags and bridges; consider hybrid/post-quantum algorithms over time. * Agent Containment: bounded TEEs or verifiable sandboxes with attestation and enforceable policy. * Privacy: opt-in presence and annotation; scoped visibility; minimize metadata exposure. ATTOUMANI MOHAMED & BENJAMExpires 8 April 2026 [Page 8] Internet-Draft Meta-layer Overview October 2025 * Registries and Extensions: standardized, auditable registries (designated expert review) to prevent identifier squatting or abuse. 9. IANA Considerations No immediate IANA actions requested. If standardized, potential new registries include: * Meta-layer Smart Tag Types Registry (e.g., note, claim, bridge, poll, challenge). * Governance Module Registry (reusable rule modules for overlays/participation/moderation). * Badge and Role Types Registry (moderator, validator, scribe, etc.). Registries should balance extensibility with security and interoperability, using clear specification references and designated-expert review. 10. Normative References [RFC2026] Bradner, S., "The Internet Standards Process -- Revision 3", RFC 2026, DOI 10.17487/RFC2026, 1996, . [RFC7990] Flanagan, H., "RFC Format Framework", RFC 7990, DOI 10.17487/RFC7990, 2016, . [RFC9110] Fielding, R., Nottingham, M., and J. Reschke, "HTTP Semantics", RFC 9110, DOI 10.17487/RFC9110, 2022, . [RFC6749] Hardt, D., "The OAuth 2.0 Authorization Framework", RFC 6749, DOI 10.17487/RFC6749, 2012, . 11. Informative References [W3C-WebAnnotation] Consortium, W. W. W., "Web Annotation Data Model", W3C Recommendation annotation-model, 2017, . ATTOUMANI MOHAMED & BENJAMExpires 8 April 2026 [Page 9] Internet-Draft Meta-layer Overview October 2025 [MetaLayerWhitePaper] Initiative, M., "Meta-layer White Paper", 2025, . [MetawebBook] DAO, B., "The Metaweb: The Next Level of the Internet", Publisher Taylor & Francis / CRC Press, 2023, . [Bush1945] Bush, V., "As We May Think", The Atlantic Monthly, July 1945, . [Engelbart1968] Engelbart, D., "The Mother of All Demos", 9 December 1968. [Nelson1965] Nelson, T. H., "Complex information processing: a file structure for the complex, the changing and the indeterminate", 1965, . [BernersLee2001] Berners-Lee, T., "The Semantic Web", Scientific American, May 2001, . [Andreessen2012] Andreessen, M., "Why Andreessen Horowitz Is Investing in Rap Genius", October 2012, . [CerfRemarks2023] Cerf, V. G., "Review of "The Metaweb: The Next Level of the Internet"", 2023. [IAB-IRTF-AI-Workshops] IRTF, I. /, "IETF/IAB/IRTF workshop reports on AI governance and provenance", 2023. Appendix A. Authors' Addresses Karim ATTOUMANI MOHAMED ATTOUMANI MOHAMED & BENJAMExpires 8 April 2026 [Page 10] Internet-Draft Meta-layer Overview October 2025 Meta-Layer Initiative Email: karimattoumanimohamed@gmail.com Daveed Benjamin Meta-Layer Initiative Email: daveed@bridgit.io ATTOUMANI MOHAMED & BENJAMExpires 8 April 2026 [Page 11]