Identity used to be straightforward: authenticate a user, authorize an action, log the request, and move on. Agentic systems complicate that model because the actor isn’t always the human anymore, and when something goes wrong, responsibility can disappear into what Andrew Bud calls an “accountability vacuum.” In this episode of #F5's Pop Goes the Stack, Lori MacVittie talks with Andrew Bud of iProov about why this isn’t just a security nuance, but a broader stability problem. You can’t punish, retrain, or sue an agent. Yet agents can still take actions with real consequences, from leaking code to corrupting data to making irreversible operational changes. If accountability can’t attach to the agent, it has to attach somewhere else. Andrew’s argument is that responsibility shifts to the relying party. Service providers and systems need to ask whether they’re dealing with a human or an agent, identify who the agent belongs to, and gate high-impact actions so a real human can be held accountable. That implies a chain of delegation and auditability that looks more like certificates, but with a different root of trust: proof of genuine human presence. The conversation distinguishes enterprise agents, where existing identity patterns like OIDC and governance tools may still work, from “agents in the wild,” where centralized identity breaks down and decentralized identity becomes more relevant. Andrew points to emerging standards work across multiple groups and makes the case that verified human presence, not just identity facts, will become foundational as agents increasingly claim to be people. If you’re deploying agents, the takeaway is clear: identity alone isn’t enough. You need provable human roots of trust, stronger relying-party controls, and policies that treat some actions as requiring explicit human accountability. Chapters: 00:00 Welcome to Pop Goes the Stack 00:31 Agentic AI breaks identity: The accountability vacuum 01:50 Why punishment/training fails: You can’t “discipline” an agent 03:15 Shift responsibility to the relying party: Verify before action 05:27 Humans as root of trust (not agents, not service accounts) 06:05 A “CA chain” for delegation: Agent → agent → human 07:06 Enterprise vs “agents in the wild”: Two different identity problems 08:05 Decentralized identity + digital wallets for agent credentials 09:34 Why it still matters if it’s human or agent (high-risk actions) 11:07 Action-level governance: Some ops require direct human approval 13:19 Root of trust = proof of humanness (not just identity facts) 16:17 The sheepdog metaphor: Agents can cause real harm fast 18:29 Key takeaways: Standards + proofs of human presence Learn how you can stay ahead of the curve and keep your stack whole with additional insights on app security, multicloud, AI, and emerging tech: https://go.f5.net/5h10llnv Meet our guest: https://go.f5.net/87rb9pf6 Explore iProov: https://go.f5.net/obg5sstc More about F5: https://go.f5.net/kxwxjy5e Read our blog: https://go.f5.net/jqitw23w Follow us on LinkedIn: https://go.f5.net/uomq2050

 61      3