OCSS Trust Framework · the registry

Trust List / Registry

A machine-readable, cryptographically signed registry of the intermediaries accredited to route OCSS signals, modeled on the EU Trusted List (EUTL, established under eIDAS Regulation (EU) 910/2014), fetched and cached, never on the critical path of an enforcement decision.

Standard v1.0 · Draft for Review
The Trust List opens with v1.0 ratification (target Q3 2026). The accreditation process is in active drafting. No intermediaries are accredited yet; the registry below shows its intended shape, not a live roster.

§ 1

What the Trust List is

An eIDAS-era pattern, applied to child-safety routing: a single signed document that tells any participant which intermediaries are trusted, without contacting a central authority at decision time.

The OCSS Trust List is modeled directly on the EU Trusted List (EUTL), the registry that, since 2014, has let any relying party in Europe verify which trust-service providers are qualified without a central lookup. OCSS borrows that architecture deliberately:

Signed, not API-gated. The list is a single signed document, fetched and cached by each participant for no longer than 24 hours. There is no central verify API on the critical path. A participant verifies the list's signature against the Linux Foundation AAIF root key, caches it, and routes against its local copy. Availability of the standards body is never load-bearing on an enforcement decision.
Cryptographically anchored. Each entry binds an accredited entity to a decentralized identifier (did:ocss:…) and the JWKS: the public keys it signs with. Per RFC 9421 HTTP Message Signatures, a signal's outer envelope carries an Ed25519 signature plus a resource indicator (RFC 8707) scoping the envelope to its intended receiver. A verifier resolves the sender's DID against the cached list, pulls the matching kid from its JWKS, and checks the signature. No network round-trip, no trust-on-first-use. a registry entry binds a DID to the keys it signs withdid did:ocss:example-corp JWKS { "keys": [ { "kty": "OKP", "crv": "Ed25519", "kid": "2026-01", "x": "11qYAYK…" } ] }
Append-and-revoke. Entries carry a validity window. Routine revocation rides the next signed list, within the 24-hour cache horizon: short enough to contain a compromised key, long enough that an intermediary stays reachable when the standards body is down. That window is a deliberate trade, not an oversight. A stolen key is usable for at most one cache cycle. OCSS bounds the exposure instead of eliminating it, because the alternative (a soft-fail on a live revocation lookup before every enforcement decision) would put the standards body back on the critical path, which is the exact dependency the design exists to remove. For the case where one cache cycle is too long, §4a defines an out-of-band emergency revocation path.

The Trust List is the who's trusted half of the OCSS Trust Framework. The signed-envelope format is the how signals move half; the Trust List tells a receiver whether the entity that signed an envelope is one it should accept. Parental-control vendors and family-safety apps integrate against the same Trust List to route signals to accredited intermediaries, so a consent decision a parent makes in one product, and the enforcement rules it triggers, travel unchanged to every device and surface that resolves the same list.

Security model, stated

A crypto reviewer should not have to infer the primitives. They are fixed, and they are normative:

Outer envelope: signature is Ed25519, MUST. The routing layer is an RFC 9421 HTTP Message Signature. v1.0 binds exactly one algorithm: Ed25519 over the covered components. RFC 9421's multi-algorithm machinery is intentionally not open in v1.0. A single mandated suite removes downgrade negotiation, and adding a second algorithm is a SemVer-major change gated on the working-group RFC process. A verifier that sees any other alg rejects the envelope.
Inner envelope: JWE sealed to the receiver. The payload is a JWE in Compact Serialization with alg: ECDH-ES+A256KW (or direct ECDH-ES) and content encryption enc: A256GCM. The intermediary sees the outer routing metadata and never the plaintext; it cannot decrypt, and the MUST-NEVER contract forbids it from trying. The receiver's encryption key is the same key published in its Trust List JWKS, so the sender needs no side channel to obtain it. Forward secrecy across the archive is structural, not incidental: ECDH-ES derives a per-message content key from an ephemeral sender key, so an archived envelope opened years later, even with the receiver's long-term key, exposes only that one message. There is no shared session key whose compromise unzips a whole correspondence.
Cross-intermediary correlation is designed out, and the derivation is published, not hand-waved. Routing carries a family_hash = HKDF-SHA256(ikm = household_secret, salt = receiver_did, info = "ocss/family-hash/v1"), truncated to 128 bits. The salt is the receiver's DID, so the value a household presents to intermediary A is unequal to the one it presents to intermediary B: two colluding intermediaries hold outputs of the same PRF under different salts and cannot join them. Because household_secret is high-entropy (never a guessable identifier like an email or phone number), an adversary holding many signals from the same household (the known-plaintext case) still faces a keyed PRF with no shorter path than guessing the secret. Re-identifying a minor across intermediaries is an explicit MUST-NEVER, and the derivation is fixed in the spec so a cryptographer can audit it rather than trust the claim.
Replay is bounded by the envelope, not the network. The RFC 9421 signature covers a fixed component set (@method, @target-uri, content-digest, plus the signature parameters created, nonce, and keyid), and the RFC 8707 resource indicator scopes the envelope to one receiver. A captured envelope cannot be replayed to a different surface. The acceptance window for created is ±300 seconds of clock skew; a verifier remembers nonces for the width of that window so a same-window replay is also caught. Anything older is stale and dropped.
Stricter-rule downgrade is rejected. An intermediary MUST NEVER weaken a rule in transit. It may not turn a nfk_hard_block into a warning or relax a tier gate. The receiver re-evaluates the typed rule against its own policy floor and takes the stricter of the two, so a misbehaving hop can fail closed but never fail open.
Key compromise is bounded by rotation. Every Trust-Listed key MUST rotate at most every 180 days, each rotation publishing a new kid alongside the retiring one. A compromised key's blast radius is therefore one cache window for revocation plus one rotation interval for issuance: both finite, both stated, neither relying on the standards body being online.

Trust anchor. Everything chains to one root: the Linux Foundation AAIF root key. It is the governance root of trust that signs the Trust List and signs no payloads. It is distributed with the spec and pinned by each participant at integration time, not learned trust-on-first-use from the network. A participant that has the AAIF root key can verify the Trust List signature, and from the list, every intermediary's JWKS. A compromised root key is the one event the cache horizon does not contain, so the AAIF root key is held under documented governance controls (offline, multi-party) and its rotation is itself a published, signed event, never a silent swap.

DID resolution. A did:ocss:… is not resolved over the open network. It resolves inside the signed Trust List: the list is the resolver. The entry for a DID carries that entity's JWKS inline, so there is no separate DID-document fetch for a network attacker to hijack, no DNS step to poison, and no JWKS endpoint whose availability becomes load-bearing. The only thing a verifier trusts over the wire is the list document itself, and that is checked against the pinned AAIF root key before any entry in it is believed.

Emergency key handling. An intermediary publishes two keys at all times: the active signing key and a pre-registered next key (a distinct kid already in its JWKS). Routine rotation promotes the next key on the ≤180-day cadence. An emergency (suspected compromise) skips the cadence: the steward (or, post-ratification, the Trust Committee) issues the revocation bulletin of §4a against the live kid, the operator promotes its pre-registered next key immediately, and the gap is bounded by bulletin propagation rather than a full rotation interval. Because the standby key was registered ahead of the incident and never co-located with the active one, emergency rotation never requires minting trust from a cold start.

Post-quantum posture, stated honestly. v1.0 is classical: Ed25519 for signatures, ECDH-ES for envelope key agreement. Both are durable against today's adversaries and neither is claimed to be quantum-resistant. The standard's response is structural rather than a premature primitive swap. Signatures are short-lived, bounded by the ≤180-day rotation and the ≤24-hour list horizon, so a future quantum forgery has a narrow, expiring window rather than a standing one. Confidentiality is the harder problem (a "harvest-now, decrypt-later" adversary archives today's JWE for a future quantum machine); the PQ migration path is therefore scoped to the envelope, gated on the NIST ML-KEM (FIPS 203) ecosystem maturing in JOSE, and tracked as a SemVer-major change through the working-group RFC process: additive hybrid suites, never a silent algorithm flip. It is named here as a known item on the roadmap, not buried.

§ 2

Why it matters: N×M → N+M

A shared trust layer collapses the point-to-point integration explosion that has kept cross-vendor child-safety interoperability from materializing at scale.

Without a shared trust layer, every party that wants to exchange safety signals must negotiate a bilateral integration with every other party. With N signal issuers and M enforcement surfaces, that is an N × M explosion of point-to-point agreements, key exchanges, and audits.

A signed Trust List collapses that to N + M: each issuer and each surface integrates once, against the list, and inherits trust in every accredited counterparty. This is the same move FIDO made for authenticators and the EUTL made for digital signatures.

There is one honest caveat, and OCSS states it plainly: N + M with a single intermediary is N × M renamed. A federation routed through one hub is a monopoly with extra steps, not a federation. Genuine interoperability requires more than one trusted intermediary. That requirement is encoded directly into the standard as the pluralism guarantee.

§ 3

The pluralism guarantee

The Trust List publishes a federation status computed from the list itself: the standard's anti-monoculture mechanism. No single intermediary can become the chokepoint through which all children's safety signals must pass.

Green

≥ 3 accredited intermediaries

Federation-grade. Multiple independent routes exist; no single operator is load-bearing.

Yellow

< 3 accredited intermediaries

Forming. Routing works, but the network has not yet reached resilient plurality.

Red

< 2 accredited intermediaries

Not federated. A single intermediary is a single point of trust and failure, not a healthy state.

Federation status, this draft: FORMING. Reads Yellow / Red until ≥ 3 independent intermediaries complete accreditation.

The status is computed from the list, not asserted. OCSS publishes that honestly rather than presenting a single-operator network as a federation.

§ 4

The live registry

When the Trust List opens, the registry renders as a filterable table, each row a signed entry. The honest current state is empty: an empty registry is the correct state for a forming coalition, and is itself the most important signal a reader can verify.

formingocss://trust-list/v1 signed document · cached ≤ 24h · federation status: FORMING

Entity	DID	Tier	Status	Valid through
The registry opens at v1.0 ratification accreditation process in drafting · federation status: forming we show the table's shape rather than fabricate rows 0 entities

When live, each row will carry a legal entity name, its did:ocss:… resolving to the public keys it signs envelopes with, an accreditation tier, a status of active · suspended · revoked, and a renewal date entries must meet before falling off the list. Here is the schema for one entry and the list that wraps it. This is the document format an engineer implements a verifier against:

trust-list/v1 — list envelope (the whole document is signed, not each row){ "@context": "https://openchildsafety.com/ns/trust-list/v1", "list_version": "1.0", "schema": "ocss-trust-list-v1", // list schema is itself SemVer'd; v1.1 is additive "issued_at": "2026-09-01T00:00:00Z", "next_update": "2026-09-02T00:00:00Z", // verifiers refuse a list past this + skew "federation_status": "forming", "entries": [ /* see below */ ], "proof": { "type": "Ed25519Signature2020", "canonicalization": "RFC8785-JCS", // hash the JCS form, then Ed25519 "verificationMethod": "did:ocss:aaif-root#key-2026" } }

one entry inside "entries"{ "entity": "Example Intermediary, Inc.", "did": "did:ocss:example", "jwks": { "keys": [ { "kty":"OKP", "crv":"Ed25519", "kid":"2026-01", "x":"11qYAYK…" } ] }, "tier": "Accredited", "status": "active", // active · suspended · revoked "valid_through": "2026-12-31" }

No row appears here unsigned: the row is data, the list carries the signature, and the signature is over the document canonicalized with JSON Canonicalization Scheme (RFC 8785) under the AAIF root key. Naming the canonicalization is load-bearing, not pedantry: two implementations that disagree on byte order or whitespace would compute different digests and reject each other's valid lists. JCS is fixed so any verifier reproduces the exact preimage the root key signed. The next_update field is what makes the 24-hour cache bound enforceable in code rather than convention. A verifier that fetches a list whose next_update has passed (allowing for the ±300s skew above) treats it as stale and re-fetches.

§ 4a

Lifecycle, suspension & revocation

An intermediary is a state machine on the signed list. These are the states, the transitions that move an entity between them, who is authorized to make each move, and how fast it propagates.

Provisional

on: application accepted

Listed, routing Open-class only. Moves to Verified on identity & controls review; or to Revoked if the application is withdrawn or fails review.

Verified

on: controls review passed

Routing Open + Gated. Moves to Accredited on passing the conformance suite and a SOC 2 Type II audit; or down to Suspended on a contract breach.

Accredited

on: suite + SOC 2 passed

Full routing incl. Restricted. Holds until renewal lapses (→ falls off list), a breach (→ Suspended), or a key compromise (→ Revoked).

Suspended

reversible · routing halted

Status flips to suspended on the next list; receivers stop accepting its envelopes. Reinstated to its prior tier on remediation, or escalated to Revoked.

Revoked

terminal · keys distrusted

Status revoked and the entry's JWKS is distrusted. Re-entry requires a fresh application as Provisional.

Who decides. Through v1.0 ratification, accreditation and revocation decisions are made by the editorial steward against the published criteria. At ratification the authority transfers to the Trust Committee (9 seats), which approves the conformance suite and is the body that admits, suspends, and revokes intermediaries. This is a deliberate governance transfer, not a permanent vendor prerogative: the same reason the Trust List is signed by the AAIF root key under collective control rather than any one company's.

Civil society is structurally embedded in a 9-seat Trust Committee. 3 of the 9 seats are reserved for named civil-society bodies (for example Common Sense Media, Roost, the EFF, FOSI, and the ACLU), non-removable except for cause. Accreditation decisions run on one organization, one vote, so a large implementer cannot accumulate weight proportional to market share. Every trust-list change carries a 72-hour public notice and comment period. De-accreditation requires a 2/3 Trust Committee vote plus a 30-day cure period.

Due process. A suspension or revocation is issued in writing with the violated MUST / MUST-NEVER clause cited. The affected entity has a defined window to remediate or appeal to the Trust Committee before a suspension escalates to terminal revocation; the decision and its basis are recorded in the same signed audit format regulators can replay. Routine sanctions propagate on the normal list cadence, visible to every participant within the cache horizon, no private side channel.

Emergency revocation (out-of-band)

The 24-hour cache window answers "contain a bad key by tomorrow." It does not answer "a key is being actively abused and we need it dead now." For that case the spec defines a signed, out-of-band revocation bulletin: a minimal root-key-signed document, distinct from the full list, that names a DID and one or more kids and marks them revoked effective immediately. Participants subscribe to the bulletin channel (a lightweight signed feed at a well-known path) in addition to the daily list; a compliant verifier checks the bulletin set before accepting an envelope, so a compromised key can be cut off in minutes without forcing a full-list re-fetch and without ever introducing a per-decision call to a central authority. The bulletin is fail-safe: if its channel is unreachable, the daily list's next_update bound still caps exposure at one cache cycle.

§ 5

The four accreditation tiers

An intermediary's tier governs which sensitivity classes of payload it may route. In increasing sensitivity: Open, Gated, and Restricted (covering CSAM reporting, ICAC-adjacent law-enforcement data, and other highly sensitive enforcement signals). Higher tiers carry more obligations.

Tier	May route	What it requires
Provisional	Open	Entry tier. Valid DID and published JWKS; agreement to the MUST / MUST-NEVER intermediary contract. Suitable for routing non-sensitive, public-class signals while accreditation completes.
Verified	Open + Gated	Identity and operational controls verified by the standards body. Permitted to route gated signals (e.g. tier and consent decisions) in addition to open traffic.
Accredited	Open + Gated + Restricted	The full intermediary tier. Requires passing the conformance suite, an independent SOC 2 Type II audit, and placement on the signed Trust List. Only Accredited intermediaries may route Restricted-class traffic, including CSAM / ICAC reporting flows.
Tier 4future · v1.1	Open + Gated + Restricted, with hardware attestation	Proposed for v1.1, after v1.0 establishes foundational federation. Adds TEE (trusted execution environment) attestation, on the AWS Nitro / Google Confidential Space / Apple Private Cloud Compute pattern, so a relying party can verify the intermediary is running the exact audited binary, not merely that it promised to. It is deferred deliberately and on a stated trigger: hardware attestation is cloud-specific and roughly six engineer-months of work, gating v1.0 on it would slow the thing that matters first (getting a plural set of intermediaries onto the list), and there is no point hardening a federation that does not yet exist. The trigger to open Tier 4 work is the pluralism guarantee going Green: 3+ independent accredited intermediaries on the list. Until then it is roadmap, not requirement. Not part of v1.0.

All tiers require Ed25519 key rotation at most every 180 days. The Accredited tier additionally requires passing the conformance suite and holding a current SOC 2 Type II audit before placement on the signed Trust List.

Across every tier, the intermediary contract is non-negotiable. An intermediary MUST validate sender signatures on every envelope, address payloads only to the receiver's public key, emit one immutable audit row per envelope, publish real-time status, and rotate keys at least every 180 days. It MUST NEVER decrypt payloads, retain contents past delivery, correlate routing metadata across families without consent, or accept payloads that re-identify minors across intermediaries. Entities that meet fewer obligations are OCSS-compatible, not Trust-Listed.

§ 6

Integrate against the Trust List

You do not need to be an accredited intermediary to benefit. A parental-control product, a platform, or an OS integrates as an issuer (it emits signals), a surface (it enforces them), or both, and gets one integration that reaches every accredited counterparty.

The adopter ROI, plainly. Today a parental-control vendor that wants its consent and tier decisions honored on someone else's devices negotiates a bilateral integration per partner: a key exchange, a payload contract, an audit, a renewal, with each platform, OS, and carrier, one at a time. With a dozen target surfaces that is a dozen separate key exchanges to manage, a dozen payload contracts to keep current, a dozen renewals on a dozen calendars. And the cost is multiplicative: every new surface you want to reach is another full integration, and every new issuer the ecosystem adds is another integration for them. That is the N × M tax. Integrate against the Trust List once and you emit one typed, signed signal that every accredited surface already knows how to verify and enforce. The arithmetic flips from multiplicative to additive: instead of N issuers × M surfaces bilateral links, the whole network is N + M single integrations: you build your one, each surface builds its one, and you are mutually reachable. New accredited counterparties become reachable the moment they appear on the list, with zero new code on your side. The certification mark is the market-facing half of that: a third-party-verifiable claim a procurement team, an app-store reviewer, or a regulator can check, not a logo you self-apply.

What you implement, and what you get. Concretely, as an issuer you implement the sign-and-seal path (one Ed25519 signing key on the Trust List, one JWE-seal-to-receiver step) and emit typed rules; as a surface you implement the five-step verify-before-enforce path below and wire the decision into the enforcement point you already own. You get the certification mark, a public registry entry, and reach into every accredited counterparty (present and future) from that single integration. You do not need to become an intermediary to get any of this: most parental-control products are issuers and surfaces, and integrating as one is the free Implementer tier or the audited Certified tier below, not the heavier intermediary ladder.

Bootstrap & discovery

Two things are pinned at integration time, both shipped with the spec rather than learned from the network:

The Linux Foundation AAIF root key is your trust anchor. You verify every Trust List against it. It travels in the spec distribution and is pinned in your build, not fetched at runtime; a rotation is a published, signed root-key event you adopt deliberately.
The Trust List URL is a stable, versioned well-known location (https://openchildsafety.com/.well-known/ocss/trust-list/v1), served as a static signed document over plain HTTPS from a CDN. There is no API to call, no auth to hold, no rate limit to budget for: you GET the document, verify its signature, cache it to next_update, and read it locally.

The verify-before-enforce sequence

Every signal a surface acts on runs the same five steps. There is no step where enforcement happens before verification:

Fetch & verify the list

GET the Trust List; verify its Ed25519Signature2020 proof against the pinned AAIF root key; reject if expired past next_update. Cache the verified copy.

Resolve the sender

Look up the envelope's sender did:ocss:… in the cached list. No match, wrong tier for the payload class, or status suspended/revoked → drop. Check the emergency revocation bulletin set too.

Verify the envelope

Pull the matching kid from the entry's JWKS; verify the RFC 9421 Ed25519 signature over the covered components, the nonce, and the created timestamp; confirm the RFC 8707 resource indicator names you.

Open the inner payload

Decrypt the JWE (A256GCM) with your receiver key and read the typed OCSS rule. Take the stricter of the rule and your own policy floor, never the weaker.

Enforce on your surface, then receipt

Apply the decision at your enforcement point (DNS resolver, MDM/device profile, router, OS age-signal hook, or app-level gate) and emit one signed, replayable audit row for the event.

The payload itself is a typed OCSS Rule: one of the ~100 categories in the rule taxonomy, not free text. A surface switches on the rule's type, not on a vendor's proprietary schema:

the decrypted inner payload: a typed OCSS rule{ "rule": "nfk_hard_block", // from the ~100-category taxonomy "capability": "Block", // §6 — Hard Blocks "age_band": "13-17", // a derived band, never identity "decision": "block", "cite": ["NY-S9051", "CA-AB1043"], "spec": "OCSS-v1.0" }

The payload is one of ~100 typed categories across nine capability areas, not a flat enum. nfk_hard_block above lives under Block (§6, ~22 rules); the taxonomy also spans Age (~9: os_age_signal_ingest, age_gate), Tier (~21: ai_chatbot_tier_gate, csm_privacy_tier_gate), Consent (~14: parental_consent_gate), Alert (~8), Privacy (~13: commercial_data_ban), Audit (~11: algorithmic_audit), and Receipt (~8). A surface implements only the capabilities it claims and switches on the typed rule, so coverage is verifiable category by category rather than asserted in aggregate.

Conformance is not on the honor system. An adopter runs the OCSS conformance suite against each capability it claims; the suite is what backs the certification mark, and it is the same artifact a Trust Committee regulator-observer can read. Implementer (self-attested) and Certified (independently audited) are distinct marks on a public registry; see Conformance.

"Binary and testable" is literal. Each MUST / MUST-NEVER becomes a pass/fail assertion with a fixture, not a rubric a reviewer scores by judgment. For example: "Given a signed envelope whose alg is not Ed25519, the verifier MUST reject it" is one fixture; "Given an envelope whose RFC 8707 audience is a different DID, the verifier MUST drop it" is another; "Given a nfk_hard_block rule, the surface MUST NOT enforce weaker than block" is a third. An implementation either rejects the bad fixture and accepts the good one, or it fails the assertion. There is no partial credit. The suite is in active drafting and ships with the reference vectors at v1.0 ratification (target Q3 2026); we publish neither a test count nor a downloadable harness before it exists, because a fabricated number would be exactly the aspirational-conformance trap the suite is meant to close.

Reference code, test vectors & what shipping costs

A platform engineer's first question is "how many weeks?", so here is the honest shape of it, with the caveat that the artifacts below ship alongside v1.0 ratification (target Q3 2026), not before. The spec is implementable from the prose above today; the tooling that makes it a one-sprint job is in flight:

Reference verifier + signed test vectors. A reference implementation of the verify-before-enforce sequence ships with a vector set: known-good and known-bad envelopes (wrong alg, expired created, mismatched RFC 8707 audience, downgraded rule, revoked kid) so you can prove your verifier rejects what it must before you touch production traffic. The vectors are the executable form of the MUST / MUST-NEVER contract.
SDK surface. The verify path is small (fetch, check one Ed25519 list signature, resolve a DID in-memory, check one envelope signature, open one JWE), so a language binding is a thin wrapper over an existing JOSE/COSE library, not a new crypto stack. Bindings land in the order adopters need them; the spec mandates no proprietary primitive, so any platform with a maintained JOSE library can implement directly from the test vectors if its language isn't covered yet.
Time to first verified signal. Because there is no API to integrate against (you GET a static signed document from a CDN and read it locally), the integration is a verify routine plus an enforcement hook on your existing surface, not a service dependency. Realistically: a working verifier against the test vectors in days, a capability passing the conformance suite in engineer-weeks, not quarters. We will publish a measured "time to first signature verify" benchmark with the reference release rather than quote a number we cannot yet stand behind.
The list is cheap to live with. The Trust List is a single static signed document fetched at most once per next_update (≤ once / 24h) and held in memory; with a forming registry it is kilobytes, and even at hundreds of intermediaries it stays a small document, not a database. Lookups are an in-memory map keyed by DID, with no per-decision network call, so the steady-state runtime cost of "checking trust" is a hash-map read.

Backward compatibility is contractual, not best-effort: the list schema and the envelope format are SemVer'd, minor versions are additive-only, and a breaking change runs through a 90-day public review with an 18-month deprecation window; see versioning. A verifier built against v1.0 keeps working as the list grows.

What it costs to carry the mark

Implementer

Free

self-attested · public registry

Build to the spec, list yourself, carry the Implementer mark. No third-party check; no fee. The fastest path to emitting and enforcing OCSS signals.

Certified

$2.5–5k / yr

audited by approved assessor · verified registry

An approved assessor verifies your conformance; you carry the Certified mark on the verified registry: the claim a procurement or regulatory reviewer can rely on without taking your word for it.

Routing as an accredited intermediary is a separate, heavier ladder (Provisional → Verified → Accredited) and most products do not need it. You become an intermediary only to operate a routing hub, not to emit or enforce signals. Its real cost is not a list fee but the conformance suite plus a recurring independent SOC 2 Type II audit (typically a low-five-figure annual engagement with an approved assessor, scoped to the operator's own controls) before Trust List placement, which is why the bar is deliberately high for the entities that carry other families' signals. Working-group and steering tiers, for organizations that want a seat on the standard itself, are described under Get Involved.

§ 7

For regulators: what this anchors to

OCSS does not replace statute; it gives a regulator a machine-verifiable contract to point enforcement at. Built to the spec, not instead of the law. Each rule traces to specific provisions across 30+ jurisdictions and is updated as legislation moves.

Statute	Status	What OCSS implements
KOSAUS federal	pending	The Kids Online Safety Act's duty-of-care and parental-tools requirements map to the Consent, Tier, and Audit capabilities. Framed as implements: KOSA is not yet enacted, so OCSS is built toward it, not certified against an enforced law.
COPPA 2.0 + FTC COPPAUS federal	enacted rule / pending bill	Verifiable parental consent and data-minimization obligations map to the Consent and Privacy capabilities (`parental_consent_gate`, `commercial_data_ban`).
EU DSA + AADC / GDPR Art. 8European Union	enacted	Systemic-risk and age-appropriate-design duties map to the Audit (algorithmic transparency) and Tier capabilities; GDPR Art. 8 consent age maps to Consent.
UK Online Safety Act + AADCUnited Kingdom	enacted	The OSA's child-safety duties and the Children's Code map to Tier, Block, and Audit, with court-ready evidence via signed Receipts.
CA AB 1043California	pending	OS-level age-signal delivery maps to the Age capability (`os_age_signal_ingest`); Phosra implements toward it; not yet an enforced law.
NY S9051New York	pending	The AI-companion prohibition maps to `ai_no_simulated_companionship` under the Block capability. Framed as implements.
18 U.S.C. §2258A/BUS federal	enacted	Mandatory CSAM reporting maps to `csam_reporting` under Block + Receipt; only Accredited intermediaries may route this Restricted-class traffic.

Two open questions every regulator asks, answered straight. Cross-border coordination: OCSS is jurisdiction-neutral by construction. A Receipt carries its own statute citations (cite: ["KOSA-§4(b)(2)", "CA-AADC-§22675"]), so a GDPR DPA, the UK ICO, and a US state AG each read the same signed evidence against their own law without OCSS arbitrating between regimes. Endorsement boundaries: where OCSS references ratings systems such as ESRB, PEGI, or MPAA, it maps to those scales as inputs; it does not endorse them or speak for them. Regulators and policy bodies don't accredit; they observe, via a reserved Trust Committee seat with read access to the conformance suite and the signed audit format.

Regulator access, subpoena path & failure modes

A regulator's real questions are operational, so they are answered operationally.

Subpoena path. Enforcement evidence is the OCSS Receipt: a signed, replayable record of one enforcement decision (rule ID, age band — never identity, jurisdiction, capability, decision, statute citations, timestamp). A regulator requests Receipts by ID from the surface or intermediary that holds them and recomputes each signature against the signer's published JWKS offline, with no live cooperation from the standards body required, because the evidence verifies itself. The design target is to compress a multi-week document-production cycle into a query that resolves in seconds, since the verifier is a signature check, not a custodial retrieval.
List goes stale mid-investigation. A stale list does not invalidate prior evidence: a Receipt is verified against the signer's published JWKS and its own embedded list reference, not against the current list. An ICAC investigator replaying last quarter's Receipts is checking signatures, so the list being momentarily stale or an intermediary having since been revoked changes nothing about whether yesterday's decision was validly signed. Going forward, staleness fails safe: a verifier past next_update stops accepting new envelopes rather than trusting an old roster.
Root key compromise. This is the one event the 24-hour horizon does not contain, so it is governed, not merely hoped against. The AAIF root key is held offline under documented multi-party controls: no single individual can sign with it, key operations are logged, and rotation is itself a published, signed root-key event rather than a silent swap. If the key were compromised, recovery is a signed re-key distributed through the same channel the spec ships in and pinned anew by participants; it is a deliberate, auditable act, because a trust root that could rotate quietly would be a trust root an attacker could rotate quietly.
Escalation when governance conflicts with statute. The regulator observer seat carries read access and a voice, not a veto, by design, since a standards body cannot bind a sovereign. The escalation path is the reverse: where a Trust Committee decision conflicts with a regulator's law, the regulator enforces its statute against the participant directly, and OCSS's signed audit trail is the evidence that makes that enforcement easier, not a shield against it. A documented decision and its cited clause are recorded in the replayable audit format precisely so a regulator can point enforcement at it. "Build to the spec, not instead of the law" is the operative rule.

Through v1.0 ratification these controls are operated by the editorial steward against published criteria; at ratification the authority (including who may invoke an emergency revocation bulletin and who approves an AAIF root re-key) transfers to the Trust Committee. The transfer is the point: the trust root is meant to outlive any one operator.

Apply for accreditation

Opens Q3 2026, alongside v1.0 ratification. Register interest now to be reviewed when the process opens.

Apply for accreditation Read the Trust Framework

DNS resolvers, MDM and device-management providers, router and OS vendors, carriers, and other infrastructure operators interested in the Charter cohort can register interest now to be reviewed when the process opens alongside v1.0 ratification.

Regulators and policy bodies don't accredit as intermediaries; they watch. They may join as Observers to the Trust Committee (9 seats; one seat is reserved for a regulator observer), with read access to the conformance suite, the signed audit trail format, and accreditation decisions. Email [email protected] for the observer pathway.

Building a parental-control product or family-safety app? You're a primary audience here, not an afterthought to the infrastructure operators. Learn how your product can integrate against the Trust List to route consent and enforcement signals to accredited intermediaries.

opens Q3 2026 · register interest now