Open Standard · v1.0 · 2026

ENCRYPTION.md

// AI Agent Encryption Implementation Standards

A plain-text file convention for defining technical encryption standards AI agents must enforce. Approved algorithms, key lengths, TLS configuration, key rotation schedules, and compliance mapping — in one version-controlled file.

View on GitHub Acquire This Domain
ENCRYPTION.md
# ENCRYPTION   > Encryption implementation standards. > Spec: https://encryption.md   ## REQUIREMENTS   algorithms:   symmetric:     approved:       - AES-256-GCM       - ChaCha20-Poly1305     forbidden:       - DES       - RC4   hashing:   approved: [SHA-256, SHA-512, BLAKE3]   forbidden: [MD5, SHA-1]   key_rotation:   data_encryption_keys:     max_age_days: 90     on_breach: immediate   api_keys:     max_age_days: 30
AES-256
approved symmetric encryption standard (AES-256-GCM with authenticated encryption)
TLS 1.3
minimum TLS version required for all new connections
90 days
maximum data encryption key age before mandatory rotation
4
compliance standards mapped: FIPS 140-3, SOC2, ISO 27001, GDPR
// What is ENCRYPTION.md

ENCRYPT.md defines what to protect.
ENCRYPTION.md defines how.

ENCRYPTION.md is a plain-text Markdown file you place in the root of any repository that contains an AI agent. It defines the technical encryption standards your agent and its infrastructure must enforce — the algorithms, key lengths, TLS requirements, and compliance mappings.

What problem does ENCRYPTION.md solve?

AI agents handle sensitive data: API keys, user information, session state, model outputs. Without explicit encryption standards, individual developers make ad-hoc choices — often defaulting to whatever is convenient rather than what is correct. ENCRYPTION.md removes the ambiguity by making standards explicit, version-controlled, and auditable.

How does ENCRYPTION.md work?

Drop ENCRYPTION.md in your repo root and define: approved and forbidden algorithms (AES-256-GCM approved, DES and RC4 forbidden), key rotation schedules (90 days for data keys, 30 days for API keys), TLS requirements (version 1.3 minimum, HSTS required), and compliance standard mappings for FIPS, SOC2, ISO 27001, and GDPR.

What regulations require ENCRYPTION.md?

The GDPR (Article 32), SOC2 CC6.7, ISO 27001 A.10.1, and EU AI Act (effective 2 August 2026) all mandate documented encryption controls. ENCRYPTION.md provides the auditable record each requires — version-controlled alongside your code.

How do I add ENCRYPTION.md to my project?

Copy the template from GitHub and place it in your project root:

your-project/
├── ENCRYPT.md
├── AGENTS.md
├── ENCRYPTION.md ← add this
├── README.md
└── src/

The companion files

ENCRYPTION.md works alongside ENCRYPT.md. ENCRYPT.md classifies data (what is critical, sensitive, internal, or public). ENCRYPTION.md specifies the technical controls (which algorithms, which TLS versions, how to store keys). Together they provide complete data protection documentation.

Who benefits from ENCRYPTION.md?

The AI agent reads it on startup. Your security engineer reads it during code review. Your compliance team reads it during audits. Your regulator reads it if something goes wrong. One file serves all four audiences.

// The AI Safety Escalation Stack

A complete protocol.
From slow down to shut down.

ENCRYPTION.md is one file in a complete open specification for AI agent safety. The twelve-file stack provides graduated intervention from proactive slow-down through permanent shutdown and compliance enforcement.

Operational Control
01 / 12
THROTTLE.md
→ Control the speed
Define rate limits, cost ceilings, and concurrency caps. Agent slows down automatically before it hits a hard limit.
02 / 12
ESCALATE.md
→ Raise the alarm
Define which actions require human approval. Configure notification channels. Set approval timeouts and fallback behaviour.
03 / 12
FAILSAFE.md
→ Fall back safely
Define what safe state means. Configure auto-snapshots. Specify the revert protocol when things go wrong.
04 / 12
KILLSWITCH.md
→ Emergency stop
The nuclear option. Define triggers, forbidden actions, and escalation path from throttle to full shutdown.
05 / 12
TERMINATE.md
→ Permanent shutdown
No restart without human intervention. Preserve evidence. Revoke credentials.
Data Security
06 / 12
ENCRYPT.md
→ Secure everything
Define data classification, encryption requirements, secrets handling rules, and forbidden transmission patterns.
07 / 12
ENCRYPTION.md
→ Implement the standards
Algorithms, key lengths, TLS configuration, certificate management, FIPS/SOC2/ISO compliance mapping.
Output Quality
08 / 12
SYCOPHANCY.md
→ Prevent bias
Detect agreement without evidence. Require citations. Enforce disagreement protocol for honest AI outputs.
09 / 12
COMPRESSION.md
→ Compress context
Define summarization rules, what to preserve, what to discard, and post-compression coherence checks.
10 / 12
COLLAPSE.md
→ Prevent collapse
Detect context exhaustion, model drift, and repetition loops. Enforce recovery checkpoints.
Accountability
11 / 12
FAILURE.md
→ Define failure modes
Map graceful degradation, cascading failure, and silent failure. Per-mode response procedures.
12 / 12
LEADERBOARD.md
→ Benchmark agents
Track completion, accuracy, cost efficiency, and safety scores. Alert on regression.
// FAQ

Frequently asked questions.

What is ENCRYPTION.md?

A plain-text Markdown file defining the technical encryption standards AI agents must enforce. It specifies approved algorithms (AES-256-GCM, ChaCha20-Poly1305), forbidden algorithms (DES, RC4, MD5, SHA-1), key rotation schedules, TLS version requirements, key storage rules, and compliance mappings for FIPS 140-3, SOC2, ISO 27001, and GDPR.

How is ENCRYPTION.md different from ENCRYPT.md?

ENCRYPT.md defines the data protection policy — what data is critical, sensitive, internal, or public, and the rules around it. ENCRYPTION.md defines the technical implementation standards — which algorithms to use, which TLS versions are required, and how key rotation works. They are complementary: ENCRYPT.md is the "what", ENCRYPTION.md is the "how".

Why is TLS 1.2 forbidden?

TLS 1.2 has known vulnerabilities and is deprecated by modern security standards. TLS 1.3 is faster, simpler, and eliminates entire classes of attacks (POODLE, BEAST, LUCKY13). ENCRYPTION.md requires TLS 1.3 for all new connections and only permits TLS 1.2 for legacy compatibility where strictly unavoidable.

How often should encryption keys be rotated?

ENCRYPTION.md defines per-key-type schedules: data encryption keys rotate every 90 days (or immediately on suspected compromise), TLS certificates rotate annually (quarterly preferred), API keys rotate monthly. Breach detection always triggers immediate rotation regardless of schedule.

Does ENCRYPTION.md cover key storage?

Yes. Approved sources: environment variables injected at runtime, secrets managers (AWS Secrets Manager, HashiCorp Vault, etc.), and hardware security modules. Forbidden: hardcoded in source code, plaintext config files committed to VCS, or stored in agent long-term memory.

Which compliance standards does ENCRYPTION.md map to?

Four standards are mapped in the COMPLIANCE section: FIPS 140-3 (federal and regulated sectors), SOC2 (CC6.1, CC6.7, CC7.2), ISO 27001 (A.10.1.1, A.10.1.2, A.18.1.5), and GDPR (Articles 25, 32, 33). The mapping shows which spec sections satisfy which controls.

// Domain Acquisition

Own the standard.
Own encryption.md

This domain is available for acquisition. It is the canonical home of the ENCRYPTION.md specification — the encryption implementation standards layer of the AI agent safety stack, essential for any secure production AI deployment.

Inquire About Acquisition

Or email directly: [email protected]

ENCRYPTION.md is an open specification for AI agent encryption implementation standards. Defines REQUIREMENTS (AES-256-GCM and ChaCha20-Poly1305 approved; DES, RC4, MD5, SHA-1 forbidden; 4096-bit minimum RSA; 90-day key rotation), IMPLEMENTATION (TLS 1.3 minimum, HSTS required, approved key storage: environment variables, secrets managers, HSMs), and COMPLIANCE (FIPS 140-3, SOC2, ISO 27001, GDPR mapping). Companion to ENCRYPT.md. Part of the stack: THROTTLE → ESCALATE → FAILSAFE → KILLSWITCH → TERMINATE → ENCRYPT → ENCRYPTION → SYCOPHANCY → COMPRESSION → COLLAPSE → FAILURE → LEADERBOARD. MIT licence.
Last Updated
13 March 2026

Get notified when the spec updates.

No spam. Unsubscribe anytime.

Disclaimer: This specification is an open file convention published under the MIT licence, provided "as-is" without warranty of any kind, express or implied. It does not constitute legal, regulatory, compliance, financial, or professional advice in any jurisdiction. Use of this specification does not guarantee compliance with any law, regulation, directive, or standard — including but not limited to the EU Artificial Intelligence Act (Regulation (EU) 2024/1689), the Colorado Consumer Protections for Artificial Intelligence Act (SB 24-205), California AI transparency laws, or any other applicable national, state, federal, or international legislation. Organisations are solely responsible for determining their own regulatory obligations and should consult qualified legal and compliance professionals. The authors and domain holders accept no liability for any loss, damage, or regulatory consequence arising from the use or implementation of this specification. All domain names in the AI Agent Safety Stack are independently held assets and may be available for acquisition.