Frequently asked questions

Questions

Is ATAH a product?

No. ATAH is an open specification published under Apache-2.0. There is no ATAH product to buy. Anyone may implement, fork, or extend the protocol. The reference registry is one possible operator; the protocol is designed for multiple independent registries over time.

Who governs the protocol?

Governance is set out in the public Charter on GitHub. Eight core commitments are entrenched and require a supermajority amendment process to change. The founder operates under the Charter's terms with no veto rights and explicit conflict-of-interest, recusal, and disclosure rules. Governance transitions to an independent structure when the Charter's transition triggers are met.

How is ATAH different from a directory or AEO product?

ATAH does not promote, rank for visibility, or sell placement. The matching engine applies no commercial weighting at any point: hard filters for eligibility, transparent verification bands, and within-band randomisation under a documented fairness policy. There is no global match score in the schema, no hidden ranking, and every response carries machine-readable disclosure of the non-commercial ordering policy. The protocol's purpose is structured, provenance-visible discovery — not commercial promotion.

Why a separate protocol — why not just extend MCP, OAuth, or VC?

ATAH composes with those standards rather than replacing them. OAuth 2.1 provides authentication. Verifiable Credentials provide credential format. MCP provides tool access. ATAH defines the layer above: professional categorisation, the staged handoff lifecycle, the matching engine, the trusted-partner trust model, the consent receipt model, and the commercial-neutrality and provenance-visibility commitments. None of those exist in the underlying standards.

How is the protocol funded?

ATAH is intended to operate on a not-for-profit basis, with governance transitioning to an independent foundation or equivalent neutral steward under the Charter's transition provisions. Operational sustainability is funded through trusted-partner integration fees set against a public schedule on a cost-recovery basis, with waivers and deferred fees available for regulators and public-interest bodies. The protocol endpoint is free to query for AI platforms: there is no per-query fee, no licensing fee, and no commercial gate on protocol access. Partner fees do not influence matching at any point, consistent with the entrenched commercial-neutrality commitment in the Charter.

Are the named professional bodies in your documentation partners?

No. Named bodies (state bar associations, NIPR, NAIC, FINRA, PRSA, CIPR, ICF, PMI, and others) appear as illustrative examples of the types of organisations the protocol is designed to work with. They are not partners with whom agreements exist. Becoming a partner requires a partner agreement, data integration work, and governance approval — none of which is in place at v0.8.2 publication.

Does ATAH store end-user personal data?

No. End-user personal data (whether the end-user is an individual or a business) passes through ATAH only as transient handoff data, held in a transient encrypted vault, and crypto-erased on retrieval, expiry, or revocation. ATAH does not retain, profile, or derive insight from end-user data. The privacy floor is one of the eight Charter core commitments.

Can I implement ATAH today?

Yes. The specification is published under Apache-2.0 and is freely implementable. v0.8.2 (rc) is the first published version, released as a release candidate. Breaking changes are possible until v1.0 per the published version negotiation policy. The current version, full changelog, and roadmap are on GitHub.

Who has verified the spec?

v0.8.2 incorporates substantial peer review from independent reviewers, with the major architectural decisions documented in the Architectural Decision Records (ADRs) in the repository. The stress-test matrix, also published, captures 52 abuse, mistake, commercial-conflict, and edge-case scenarios that the protocol must address, with concrete resolution references for each.