Apex domain redirect for Azure Static Web Apps

New Linux Foundation project aims to bring DNS-style trust to AI agents

Linux Foundation giới thiệu dự án Agent Name Service (ANS), một framework nhằm thiết lập danh tính, quyền sở hữu và sự tin cậy cho các AI agent trong môi trường doanh nghiệp, hoạt động tương tự DNS. ANS giúp doanh nghiệp công bố danh tính agent thông qua các domain đã kiểm soát, cho phép xác minh danh tính, quyền hạn và khả năng của agent mà không cần registry tập trung. Dù giải quyết được vấn đề về nguồn gốc, ủy quyền và kiểm toán trong triển khai multi-agent, ANS vẫn đối mặt rủi ro bảo mật từ DNS như giả mạo hay chiếm quyền, đồng thời cạnh tranh trong thị trường tiêu chuẩn AI agent còn đang trong giai đoạn khám phá.

Lập trình viên phát triển ứng dụng AI nên đọc để hiểu cách giải quyết vấn đề quản lý danh tính và tin cậy cho các bot hoặc hệ thống tự động thông qua ANS, giúp tối ưu hóa tính bảo mật và hợp tác trong các hệ sinh thái đa AI.

Trailing dots are the worst

curl 8.21.0 đã sửa ba lỗi do dấu chấm cuối trong hostname gây ra: không nhận dạng đúng địa chỉ IPv4 (192.168.0.1.), vô hiệu hóa logic HSTS với dấu chấm kép, và bypass Public Suffix List khi đặt cookie. Tác giả cho rằng dấu chấm cuối luôn tồn tại và sẽ tiếp tục gây lỗi cạnh trường.

Lập trình viên nên đọc bài này vì các lỗi về dấu chấm cuối (trailing dots) trong tên miền, IP hoặc cookie có thể gây ra các vấn đề bảo mật nghiêm trọng như chứng minh CVE-8924, ảnh hưởng đến TLS và xử lý cookie không an toàn.

Brussels moves to put AWS and Azure under its toughest tech rules

The European Commission has issued preliminary findings that AWS and Azure should be designated as gatekeepers under the Digital Markets Act, despite neither service meeting the regulation's standard quantitative thresholds. Brussels is invoking the DMA's qualitative route, arguing both platforms serve as critical gateways for EU businesses. If designated, the two cloud giants would face obligations including no self-preferencing, mandated interoperability, and data portability rules aimed at reducing vendor lock-in. The move is partly motivated by cloud infrastructure's growing role as the foundation for AI adoption across Europe. Both Amazon and Microsoft have objected, and a defence phase is now underway before any final decision.

Rethinking cloud operations with agentic observability

Microsoft has announced the general availability of the Azure Copilot Observability Agent, built on Azure Monitor. The tool correlates logs, metrics, traces, topology, and operational context across environments to help operators move faster from incident detection to root cause resolution. It addresses growing cloud complexity — with 84% of organizations reporting increased complexity and 69% saying it outpaces their operating model — by using AI agents to reason across signals in real time. Customer examples cite reclaiming 250 engineering hours monthly and significantly faster incident resolution. The post frames observability as foundational to a broader shift toward agentic cloud operations, where AI agents continuously interpret signals, take action, and improve system resilience over time, with governance and human oversight remaining essential.

Conditional & Iterative Deployments with Azure Bicep

A deep dive into Azure Bicep's conditional (if) and iterative (for) deployment features, covering practical patterns and common pitfalls. Key topics include: guarding references to conditional resources using ternary expressions, the non-cascading nature of conditions on child resources, safe use of runtime functions like listKeys(), resource naming stability in loops, the difference between resource/module loops and variable/output loops, index fragility in filtered loops, and using @batchSize() to control deployment parallelism. Includes a practical checklist and a complete example combining conditionals, filtered loops, batching, and structured outputs.

Event Sourcing: Aggregates, Dynamic Consistency Boundaries, or what?

Part eleven of an event sourcing series explores how to handle consistency boundaries without relying on DDD aggregates or Dynamic Consistency Boundaries (DCBs). The author argues that the best approach depends on the actual problems at hand. Two alternatives are discussed: replacing concurrent designs with non-concurrent ones (e.g., a draft-registration phase processed by a single-threaded algorithm), and using Azure Service Bus sessions to serialize workday validation, eliminating race conditions within a consistency boundary. The post emphasizes solving real problems holistically rather than applying patterns preemptively, and shows how task-based UIs and small data models reduce the likelihood of concurrency conflicts in the first place.

Can DNS become the basis for AI agent identity?

The Linux Foundation has announced intent to launch the Agent Name Service (ANS), an open standard that gives AI agents verifiable identities by anchoring them to DNS. Originating from an OWASP GenAI Security Project research paper, ANS works similarly to how websites prove identity today — operators demonstrate domain control via ACME/Let's Encrypt, receive certificates, and all status changes are logged in an append-only ledger. A companion standard, DNS-AID (originally from Infoblox), handles agent discovery via DNS records. At least four competing DNS-based agent identity proposals now exist, and the space is crowded with alternatives including Google's A2A protocol, Cisco's AGNTCY, Microsoft's Entra Agent ID, and Okta for AI Agents. Notably absent from ANS are major players like Google, Anthropic, Microsoft, and Amazon, raising questions about fragmentation.