Skip to content

Commit 82f3d3d

Browse files
committed
docs: audit logs track meeting notes 2025-12-02
Signed-off-by: Alan Pinkert <apinkert@cisco.com>
1 parent 4f5df6d commit 82f3d3d

1 file changed

Lines changed: 34 additions & 0 deletions

File tree

  • docs/contribute/wip/5_Audit_Logs_Standardization/meeting_notes
Lines changed: 34 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,34 @@
1+
# Notes
2+
3+
* Frameworks
4+
* AGNTCY Observe
5+
* Still needs user context
6+
* OpenTelemetry
7+
* How the above two are related / overlapping?
8+
* OASF / OCSF
9+
* Homegrown systems?
10+
* What vs how?
11+
* Are we focused only on identity or the whole thing?
12+
* User context: whether the agent is acting on behalf of a user (delegation, impersonation)
13+
* Privacy? Set aside for now, bring it in later
14+
* Comparison to “normal” distributed systems
15+
* Deterministic vs stochastic
16+
* Why was the path chosen? What other paths could have been taken?
17+
* Problems we’re trying to solve
18+
* What are we expecting?
19+
* Capturing identity context
20+
* Capturing authorization context (was it OAuth? SAML? API token?)
21+
22+
Documents reviewed:
23+
* https://opentelemetry.io/docs/specs/semconv/gen-ai/gen-ai-spans/
24+
* Seems like Otel’s conventions plus attributes to help record `slim`?
25+
* https://diforum.community/posts/trust-frameworks-for-ai-agents-traceability
26+
* https://github.com/agntcy/observe/tree/main/schema
27+
28+
Action Items:
29+
30+
* Jim: NIST controls
31+
* Alan: make a spreadsheet of frameworks and perform a gap assessment (check if there are already extensions)
32+
* Alan: create a list of problems we’re trying to solve / capabilities we expect the framework to have
33+
* Mohamed: Talk to Outshift folks working on Observe
34+
* Mohamed: Test AGNTCY observe SDK for auditing capabilities

0 commit comments

Comments
 (0)