1Password CTO: SPIFFE for Agents Is a Square Peg. Google Wants Real-Time Trust. The Gap Is Clear.

Yesterday, three major publications dropped pieces that converge on the same conclusion: the identity infrastructure we built for humans and containers does not work for AI agents. Here is what happened, why it matters, and where the solutions actually are. 1Password CTO: 'Square peg into a round hole' At VentureBeat's AI Impact Salon, Nancy Wang (CTO, 1Password) and Alex Stamos (CPO, Corridor) laid out the agent identity problem in terms that should make every engineering team pause. Wang, asked about using SPIFFE and SPIRE — workload identity standards built for containers — for agent authentication, was direct: "We're kind of force-fitting a square peg into a round hole." This matters because SPIFFE is the default answer right now. The IETF's AIMS draft (draft-klrc-aiagent-auth-00) builds on it. Google Cloud references it. Every enterprise architecture diagram includes it. And the CTO of the company that just launched Unified Access for AI agents is saying out loud that the fit is r