OCSS specification · Draft 4 · pre-release

Conformance is earned, not issued.

How an implementation earns OCSS Certified. The mark comes from the standard and its conformance suite — never issued by any one vendor, and never self-stamped.

Earn the mark Read the Charter
Tier ladder

Four tiers, one mark.

Canonical tier definitions live on /partner-tiers. Below is the conformance view on the same ladder.

Free

Tier 0 — Implementer

Public registry listing. Self-attested conformance. Mark reads “Implementer”.

Must demonstrate

Submit a self-attestation form mapping each shipped capability to your implementation.

$2,500–$5,000 / yr (or per-product)

Tier 1 — Certified

Independently audited. Mark reads “Certified”. Listed in the public certified registry.

Must demonstrate

Pass the OCSS conformance suite under audit by an approved third-party assessor.

$15,000–$25,000 / yr

Tier 2 — Working Group Member

Everything in Tier 1, plus seat in the working group of your choice and RFC sponsorship rights.

Must demonstrate

Tier 1 conformance plus active participation in quarterly working-group reviews.

$75,000–$100,000 / yr (invite-only)

Tier 3 — Steering Committee

Everything in Tier 2, plus eligibility for the Adopter Council and co-stewardship of major version planning.

Must demonstrate

Tier 1 conformance plus Adopter Council eligibility once seats open.

The conformance suite

In active drafting.

The OCSS conformance suite (Draft 4 · pre-release) is in active drafting. Test count and download link landing Q3 2026. Want early access? [email protected].

What conformance tests cover

Nine capability areas.

Every implementation is tested against the rule list of each capability it claims to ship.

  • Charter

    Cross-cutting

    The open child-safety specification (OCSS v1.0).

  • Age

    10 rules

    Reads age signals across OS, app, and household.

  • Tier

    22 rules

    Tier gating across content, AI, and privacy.

  • Consent

    14 rules

    Verifiable parental consent and access boundaries.

  • Block

    24 rules

    Hard blocks for prohibited content and apps.

  • Alert

    14 rules

    Parent-facing notifications, reports, and alerts.

  • Privacy

    13 rules

    Data minimization, retention, and deletion rights.

  • Audit

    12 rules

    Algorithmic transparency, audit, and dark-pattern interventions.

  • Receipt

    8 rules

    Cryptographically signed events and regulatory reporting.

Self-attested vs verified

Two paths. Same spec. Different mark.

Tier 0 · self-attestation

Self-attestation

  • Free.
  • Listed in the public registry.
  • No third-party verification.
  • Mark reads “Implementer”.
Tier 1 · verified

Verified

  • Audited by an independent assessor.
  • Listed in the verified registry.
  • Approved auditor list TBD before ratification.
  • Mark reads “Certified”.
Earn the mark

Conformance is earned, not issued.

The mark comes from the standard and its conformance suite. Implement the layers you ship, self-attest, and upgrade to audited Certified when you're ready.

Earn the mark Read the CharterTalk to us