Network Working Group JDAJ. Jewell Internet-Draft National Union of Journalists Intended status: Informational 15 August 2025 Expires: 16 February 2026 AI Boundary Declaration Protocol (AIBDP) draft-jewell-aibdp-00 Abstract This document defines the AI Boundary Declaration Protocol (AIBDP), a declarative framework for expressing usage boundaries around web- hosted content in relation to AI systems. It builds on the mechanisms of RFC 2196 and RFC 9116, as well as on the HTTP semantics of RFC 9110 and the robots-style inclusion rules of RFC 7725, to provide machine-readable permissions and denials for indexing, training, mimicry, representation, derivative construction, analytical exploitation, and agentic access. AIBDP supports ethical infrastructure, agentic AI governance, and procedural clarity across the Internet. Status of This Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at https://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire on 16 February 2026. Copyright Notice Copyright (c) 2025 IETF Trust and the persons identified as the document authors. All rights reserved. Jewell Expires 16 February 2026 [Page 1] Internet-Draft Consent Required August 2025 This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/ license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 2. Definitions . . . . . . . . . . . . . . . . . . . . . . . . . 2 3. Manifest Format . . . . . . . . . . . . . . . . . . . . . . . 3 4. Consent States . . . . . . . . . . . . . . . . . . . . . . . 4 5. Use Case Scenarios . . . . . . . . . . . . . . . . . . . . . 4 6. Interoperability with HTTP 430 . . . . . . . . . . . . . . . 4 7. Security Considerations . . . . . . . . . . . . . . . . . . . 5 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 5 9. Normative References . . . . . . . . . . . . . . . . . . . . 5 Appendix A. Appendix A. Implementation Examples . . . . . . . . 5 Appendix B. Acknowledgements . . . . . . . . . . . . . . . . . . 6 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 6 1. Introduction As AI systems become increasingly capable of autonomous interaction, generation, and ingestion of online content, current technical governance mechanisms such as robots.txt [RFC9309], security.txt [RFC9116], HTTP semantics per RFC 9110, and licensing-metadata fail to communicate granular boundaries for ethical AI use. AIBDP introduces a declarative perimeter protocol designed to enable web publishers and institutions to express machine-readable consent declarations for specific categories of AI use, including indexing, training, agentic access, stylistic imitation, derivative prompting, analytic harvesting, and infrastructural activation. The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119. 2. Definitions AIBDP declarations may be conveyed through: * .well-known/aibdp.json manifest * HTTP response headers (e.g., GenAI-Consent) * DNS TXT records Jewell Expires 16 February 2026 [Page 2] Internet-Draft Consent Required August 2025 * HTML meta tags Declaration keys are grouped by category: * consent: indexing, training, generation * agentic: access, fallback * representation: embedding, summarization, metadataHarvesting, multiHopRetrieval * influence: stylisticImitation, thematicRegeneration, partialSampling * derivation: promptDerivation, fineTuningBootstrap, templateReuse * analytics: sentimentClassification, entityResolution, patternMining * infrastructure: autonomousTaskTriggering, crossDomainAggregation, consentCircumvention 3. Manifest Format AIBDP declarations are published as a JSON file: Location: /.well-known/aibdp.json Media Type: application/aibdp+json Example manifest: { "consent": { "indexing": "allow", "training": "deny", "generation": "deny" }, "agentic": { "access": "deny", "fallback": "deny" }, "representation": { "embedding": "deny", "summarization": "deny", "metadataHarvesting": "deny", "multiHopRetrieval": "deny" }, "influence": { "stylisticImitation": "deny", "thematicRegeneration": "deny", "partialSampling": "deny" }, "derivation": { "promptDerivation": "deny", "fineTuningBootstrap": "deny", "templateReuse": "deny" }, "analytics": { "sentimentClassification": "deny", "entityResolution": "deny", "patternMining": "deny" }, "infrastructure": { "autonomousTaskTriggering": "deny", "crossDomainAggregation": "deny", "consentCircumvention": "deny" }, "notice": "This content is protected under AIBDP. Unauthorized ingestion or derivative use constitutes breach." } Jewell Expires 16 February 2026 [Page 3] Internet-Draft Consent Required August 2025 4. Consent States AIBDP supports the following values: * allow * deny * limited * sandbox * deferred * reviewed * license * disclosed * aggregatedOnly * anonymisedOnly Absence of a key implies undefined, not implicitly permitted. 5. Use Case Scenarios * Public blogs requiring attribution for stylistic reuse. * Journalistic archives denying training and derivative use. * Academic repositories permitting vector embedding only for licensed research. * Creative portfolios blocking agentic model invocation. 6. Interoperability with HTTP 430 Per draft-jewell-http-430-consent-required [_30], if a client fails to comply with AIBDP boundaries, the server MAY respond: HTTP/1.1 430 Consent Required Content-Type: application/json /well-known/aibdp.json; rel="blocked-by" Jewell Expires 16 February 2026 [Page 4] Internet-Draft Consent Required August 2025 Retry-After: 86400 { "error": "Consent declaration missing or invalid.", "reference": "https://example.org/.well-known/aibdp.json" } This enables ethical denial logic across protocol layers. 7. Security Considerations AIBDP declarations are advisory and public. Enforcement requires additional legal or infrastructure mechanisms. Headers and manifests must not leak identifying information beyond declarative scope. 8. IANA Considerations This document requests: * Registration of /.well-known/aibdp.json * Registration of media type application/aibdp+json * Registration of HTTP header GenAI-Consent * Recognition of 430 Consent Required (see draft-jewell-http-430- consent-required) 9. Normative References [RFC9116] IETF, "A File Format to Aid in Security Vulnerability Disclosure", RFC 9116, April 2022, . [RFC9309] IETF, "Robots Exclusion Protocol", RFC 9309, September 2022, . [_30] Jewell, J. D., "HTTP Status Code 430: Consent Required", Work in Progress, Internet-Draft, draft-jewell-http-430- consent-required-00, 2025, . Appendix A. Appendix A. Implementation Examples A.1 HTTP Headers GenAI-Consent: indexing=allow; training=deny; generation=deny GenAI- Agentic: access=deny; fallback=deny Jewell Expires 16 February 2026 [Page 5] Internet-Draft Consent Required August 2025 A.2 DNS TXT Record aibdp="training=deny; generation=deny; agentic.access=deny" A.3 HTML Meta Tags Appendix B. Acknowledgements This proposal builds on ethical governance efforts in journalism, computing, and infrastructure architecture. Thanks to contributors from the NUJ, the IETF HTTPAPI and ART areas, and transparency coalitions engaging in boundary-aware standards formation. Author's Address Jonathan D.A. Jewell National Union of Journalists Email: jonathan@metadatastician.art Jewell Expires 16 February 2026 [Page 6]