Protocols for MyTerms

MyTerms (IEEE P7012 Draft Standard for Machine Readable Personal Privacy Terms, unpacked here) has a simple conceptual structure that is open to many different protocols and roles for them. Note the arrows in this graphic:

[Figure: MyTerms flow]

Protocols are required for those.

Here is an alphabetized list of some protocols that I know so far, and what I think they might do (given my incomplete knowledge across all of them). Note that the standard never says “user,” which has subordinate and dependent implications. It calls the first party a “person” or an “individual,” and the second party an “entity.”

  • A2A Protocol — “An open protocol enabling communication and interoperability between AI agents, giving them a common language – irrespective of the framework or vendor they are built on.” More here.
  • ActivityPub — Can publish or reference a MyTerms URI in actor metadata or message extensions so follows/interactions can happen under the person’s terms.
  • AT Protocol — Can include a MyTerms pointer in profile schemas or event metadata so interactions can be logged under the proffered terms.
  • Beckn Protocol — Can carry a MyTerms URI (or the terms JSON) in discovery/order messages and bind acceptance in the async ACK/NACK flow.
  • DIDComm v2 — Can attach MyTerms as a claim/document in DID-to-DID messages; the counterparty signs/acks to bind the contract.
  • GNAP — Can pass a MyTerms URI/hash in the grant/interaction; record acceptance alongside the grant.
  • HCP (Human/Hyper-Capability Protocol) — Called (at that link) “a user-owned, secure, and interoperable preference layer that grants individuals granular, revocable control over how their data steers AI systems,” it can store a MyTerms reference in the person’s preference set, gate releases on acceptance, and optionally include the URI/hash in OAuth flows to enable audit.
  • HTTP Message Signatures (RFC 9421) — Can bind MyTerms to specific HTTP exchanges by signing requests/responses that include a terms reference.
  • HTTPS — This is generic transport. It can attach or link MyTerms in headers/body and have the counterparty echo/ack to the transaction log.
  • JLINC — Designed for MyTerms-like ceremonies, it can carry a MyTerms ID/hash for “data shared under an agreement.”
  • Matrix — Can include a MyTerms pointer in a profile state or an event content so rooms/interactions are conducted under the person’s terms.
  • Model Context Protocol (MCP) — Can send a MyTerms URI/hash in a tool/agent handshake or call metadata, so tools operate under those terms and log acceptance.
  • NANDA (Internet of AI Agents) — Can expose MyTerms during agent discovery/handshake and in registry metadata so agents negotiate under the person’s terms.
  • Nostr — Can include a MyTerms reference in profile/event tags so relays and clients can honor and log acceptance.
  • OAuth 2.0 — Can carry MyTerms as a parameter or in a request object, recording consent/acceptance with the access transaction.
  • OpenID Connect — Can include a MyTerms URI/hash as a claim (e.g., in the ID token) or request object, with the RP/OP logging acceptance.
  • Solid — Can host the person’s MyTerms in their wallet (formerly called a pod) and require apps or services to transact under those terms for resource access.
  • UMA 2.0 — Can treat MyTerms as a policy at the resource server and share only with parties that have accepted the person’s terms.
  • Web Linking (RFC 8288) — Can advertise a MyTerms URI via Link: headers or a /.well-known/ location for discovery and binding.
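As an added example (not from the original post or from the MyTerms standard), here is how two of the entries above, Web Linking and HTTP Message Signatures, can combine: the person's agent puts the terms URI in a `Link` header and signs an RFC 9421 signature base that covers it, and the entity refuses any signature that does not cover that header. The relation URI, terms URI, hosts, key and key id are constructed assumptions, and HMAC-SHA256 is used only so the example runs with the standard library.

```python
import base64
import hashlib
import hmac
import re

# Assumptions for illustration only: the page defines no relation type, URI or key.
TERMS_REL = "https://example.org/rel/myterms"           # hypothetical extension relation (RFC 8288)
TERMS_URI = "https://person.example/terms/agreement-1"  # constructed terms URI
KEY = b"constructed-demo-key"                           # constructed shared secret


def link_header(terms_uri):
    """RFC 8288 Link header value pointing at the proffered terms."""
    return f'<{terms_uri}>; rel="{TERMS_REL}"'


def signature_base(components, params):
    """RFC 9421 signature base: one line per covered component, params line last."""
    covered = re.findall(r'"([^"]+)"', params[: params.index(")")])
    lines = [f'"{name}": {components[name]}' for name in covered]
    lines.append(f'"@signature-params": {params}')
    return "\n".join(lines).encode("ascii")


def sign(components, created, keyid, key):
    """Return (Signature-Input, Signature) header values under label sig1."""
    inner = " ".join(f'"{name}"' for name in components)
    params = f'({inner});created={created};keyid="{keyid}";alg="hmac-sha256"'
    mac = hmac.new(key, signature_base(components, params), hashlib.sha256).digest()
    return f"sig1={params}", f"sig1=:{base64.b64encode(mac).decode()}:"


def verify(components, sig_input, signature, key):
    """Accept only if the Link header (the terms reference) is covered and the MAC matches."""
    params = sig_input.partition("=")[2]
    try:
        if '"link"' not in params[: params.index(")")]:
            return False  # a signature that does not cover the terms binds nothing
        expected = hmac.new(key, signature_base(components, params), hashlib.sha256).digest()
        received = base64.b64decode(signature.partition("=")[2].strip(":"))
    except (KeyError, ValueError):
        return False  # missing covered component or malformed header value
    return hmac.compare_digest(expected, received)


# Constructed request from the person's agent to the entity.
REQUEST = {"@method": "POST", "@authority": "entity.example",
           "@path": "/orders", "link": link_header(TERMS_URI)}
SIG_INPUT, SIGNATURE = sign(REQUEST, 1735689600, "person-key-1", KEY)
```

If an intermediary swaps the terms URI in transit, `verify` fails, and a valid signature that leaves `link` out of the covered components is rejected as well, so an acceptance log entry always refers to the exact terms that were signed.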

Please give me additions, corrections, and improvements. And forgive the need for all of those changes. I think it’s important at this stage to get a list of possible protocols out there, and to get the discussion rolling. Thanks!

1 Comment

  1. Don Duval

    Don Duval was here.


© 2025 ProjectVRM
