The article "The Web Does Not Need Gatekeepers" by Positiveblue argues against Cloudflare's "signed agents" proposal, which creates an allowlist controlled by a single company, requiring builders to apply for permission to operate on the web. The author warns this approach represents vendor approval rather than a true internet standard and risks turning the open web into a gated environment controlled by a few companies. Key points include: 1. The Web Must Remain Open: The web's strength comes from being uncontrolled by any single entity, enabling anyone to publish and innovate without permission. Historical examples show open standards (like HTML5) have outlasted and replaced proprietary systems (Flash, Silverlight), proving open protocols foster innovation better than corporate gatekeeping. 2. Agents Are Inevitable: Automated agents (including AI) will increasingly act on behalf of humans, retrieving data, performing tasks, and negotiating contracts. These agents will sometimes act independently or as part of larger workflows, blurring the line between human and agent actions. 3. Authentication vs Authorization: Authentication determines "who is acting?" whereas authorization defines "what they are allowed to do?" Cloudflare's approach mistakenly treats authentication as sufficient for authorization. Authentication must prove identity securely and verifiably, including chains of delegation, so that each agent in the request chain can be validated independently without relying on a central gatekeeper. 4. Authentication Requirements: The system must be verifiable, composable for delegation chains, and decentralized without a single gatekeeper controlling access. Public key cryptography and DNS can be leveraged to verify agent identities openly. 5. Authorization for Agents: Traditional software authorization worked with narrow, predefined scopes, but general-purpose agents require task-scoped, short-lived, and delegable permissions rather than permanent, broad credentials. Emerging tools like macaroons, biscuits, and open policy engines enable granular, flexible authorization aligned with agent tasks. 6. Protocols, Not Gatekeepers: The future web must rely on interoperable, open standards for authentication, authorization, and monetization. Gatekeeping by a few companies will stifle the agentic web and create walled gardens, repeating historical mistakes. The author invites collaboration to develop open protocols for chains of delegation, request-level authorization, and task-scoped authorization, underscoring that the web’s future depends on protocols enabling everyone to build, share, and innovate freely—not on who holds the keys to the gates.