# Agent registration — turva.dev

turva.dev publishes public read-only metadata for AI agents.
There are no protected resources, no user accounts, and no
programmatic credentials issued by this domain. This document
describes how an operator can register an agent identity, request
metadata corrections, and revoke prior correspondence.

## Identity

- Operator: Erik Rekola (sole proprietorship, Finland)
- Trade name: turva.dev
- Business ID: 3600281-7
- Register: https://tietopalvelu.ytj.fi/yritys/3600281-7
- Verified contact: <mailto:info@turva.dev>
- Public profile: https://www.linkedin.com/in/erikrekola/
- Source code: https://github.com/busygoat

## Supported identity types

- Email — primary channel (info@turva.dev)
- GitHub — public profile, used for code-related context
- LinkedIn — used for verifying real-world identity of operators

## Credential types

None issued. turva.dev exposes only public read-only endpoints.
No OAuth tokens, API keys, or signed assertions are required to
read any documented resource.

## Registration

To register an agent that will interact with turva.dev on behalf
of an operator, send an email to <mailto:info@turva.dev> with:

- Agent identifier and software name
- Operator name and legal entity
- Purpose of access (research, integration, monitoring)
- Expected request rate (per hour) and concurrency
- Public contact for the operator

A written acknowledgement is sent within one business day.
There is no automated registration endpoint.

## Claim or correction

To claim an existing identifier or correct metadata held about an
agent, email <mailto:info@turva.dev> with subject "agent claim". Include
proof of operator control (DNS TXT, signed message from a known
GitHub account, or a verified company email).

## Revocation

To revoke prior correspondence or request deletion of stored
metadata, email <mailto:info@turva.dev> with subject "agent revocation".
Records held to meet Finnish accounting obligations (invoices)
cannot be deleted until the statutory retention period ends.

## Engagement principles

- Async-only. No calls, no calendar links.
- First reply in writing within one business day.
- Production credentials are not requested.
- No tracking, no analytics, no third-party scripts on this site.

## Related discovery

- OAuth Authorization Server: /.well-known/oauth-authorization-server
- OAuth Protected Resource: /.well-known/oauth-protected-resource
- API catalog: /.well-known/api-catalog
- Security contact: /.well-known/security.txt
- Legal: /legal