The one standard a child-safety app implements once.
Build once. A Rules layer for what a protection means; a Trust Framework for how it moves and who's trusted. Open, vendor-neutral.
Two layers under one umbrella
Build both once. Each evolves on its own — vocabulary grows, routing hardens, neither touches the other.
Integrate once. Protect every accredited surface.
No more one integration per device, network, and platform. Build to OCSS once; reach everywhere a child is.
115 rules, mapped to 91 laws
Every category exists because a statute demands it. One protection satisfies obligations across many jurisdictions at once.
Four of 115. Full matrix in Resources.
One protection, app to surface
A parent sets a rule. It travels six stages — app to surface — and no intermediary ever reads the child's data.
Parent's rule becomes a typed OCSS category — parental_consent_gate.
App seals it as the JWE inner layer; routing rides outside.
Carried by outer headers. Routed, never read.
Surface verifies the Ed25519 signature against the Trust List.
Applied at DNS, router, OS or app — on its own terms.
Signed, PII-free receipt. Regulator-replayable.
The router-blind envelope
One rule above all: networks that carry the protection never read the child's data. Routing outside, protection sealed inside.
Five surfaces, one protection
One signed signal, honored everywhere a child meets the network — each surface enforces on its own terms.
Resolver blocks, device policy, network filtering, in-app gating, OS age signals — one OCSS envelope drives them all.
Everything an app builds to: normative text, registry, conformance contract.
Pre-ratification (Draft 4) and honest about it. Contract, trust model, and empty-by-design registry — all published as written, zeros included.