SADAR Governance and Conformance
May 7, 2026

Overview

SADAR's protocol mechanisms establish authenticity through cryptography. SADAR's governance model establishes trustworthiness through institutional accountability. Both are required: cryptographic verification without institutional trust gives provenance but no judgment; institutional trust without cryptographic verification gives unvalidated assertions.

This page introduces the governance architecture: the three-role model, the three-step ladder of conformance, certification, and authorization, and the operational modes those concepts produce. The full treatment lives in the linked SADAR Governance and Conformance document.

The Three Roles

The model defines three governance roles, organizationally independent within a public federation:

The independence between governance and operational roles is a structural property, not a procedural convenience. The credibility of the certification regime depends on the certifier having no operational interest in the outcome.

Conformance, Certification, and Authorization

The institutional-trust path is built on three sequential concepts. Each presupposes the one before it.

| Concept | What it is | Required for |
| --- | --- | --- |
| Conformance | Functional compliance with the SADAR specification. Every SADAR registry MUST be conformant to be a SADAR registry at all. | Every operational mode. |
| Certification | The Authorizing Body's formal attestation that a specific implementation has been evaluated and meets conformance. Time-bounded, publicly discoverable. | Authorization (precondition). |
| Authorization | The right to participate in public federation as a provider — to serve as a home registry for content discoverable to public-federation peers. Signaled by Directory listing. | Public-federation provider role. |

The three concepts compose into the operational modes: Internal-only registries are conformant but not certified; Authorized non-federated registries are conformant and certified but not authorized; Authorized federated registries are conformant, certified, and authorized. All three are SADAR registries; they differ only in the institutional treatment of their conformance and the role they may play.

Directional Asymmetry

Authorization gates a specific role: serving as the home registry for content flowing into public federation. A non-authorized registry MAY consume content from authorized registries through bilateral federation, but MUST NOT serve as a home registry for content discoverable to public-federation peers. This produces a directed-graph property: content flows from authorized to non-authorized; non-authorized registries cannot inject content back into the public federation.

The architectural enforcement is automatic. The consumer-side institutional-trust check verifies that the home registry of replicated content is currently authorized. Content from non-authorized home registries fails this check; no separate gating mechanism is required at the protocol level.

Deauthorization and Certification Revocation

Authorization MAY be revoked by the Authorizing Body. Certification MAY be revoked, separately. The two acts are decoupled: the Authorizing Body MAY do either, both, or neither in response to investigated conduct. A registry whose conduct violates federation norms but whose conformance remains intact is deauthorized but retains certification (transitioning to Authorized non-federated). A registry whose conformance is found wanting receives both deauthorization and certification revocation.

Two-Path Trust Resolution

Trust resolves through two independent paths: cryptographic provenance (verifying signatures back to a recognized trust anchor) and institutional trust (verifying current authorization in the Directory). Both are necessary. They fail independently, and the federation's resilience depends on each being separately detectable and addressable.

Universal Lifecycle

Every discoverable artifact carries a TTL, deprecation history that remains durably discoverable, immediate revocation, and renewal at TTL expiry as substantive re-authorization. The mechanism applies uniformly to manifests, registry descriptors, federation assertions, certification records, authorization status, and home-registry bindings.
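
The consumer-side check described above, as an added Python example that is not part of the SADAR documents: it evaluates the cryptographic and institutional paths independently and applies TTL expiry and revocation to certification and authorization records. The record fields, Directory shape, registry names, and the HMAC stand-in for signature verification are assumptions.

```python
import hashlib
import hmac
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Record:
    """Lifecycle-bound status record; field names are assumptions."""
    expires_at: int          # TTL expiry (epoch seconds)
    revoked: bool = False    # immediate revocation
    def current(self, now: int) -> bool:
        return not self.revoked and now < self.expires_at

@dataclass(frozen=True)
class DirectoryEntry:
    certification: Optional[Record]
    authorization: Optional[Record]

def mode(entry: Optional[DirectoryEntry], now: int) -> str:
    """Map Directory state to an operational mode. Conformance is not visible
    in the Directory, so internal-only registries show up as 'uncertified'."""
    certified = bool(entry and entry.certification and entry.certification.current(now))
    # Certification is the precondition for authorization.
    authorized = bool(certified and entry.authorization and entry.authorization.current(now))
    if authorized:
        return "authorized federated"
    return "authorized non-federated" if certified else "uncertified"

def resolve_trust(content, tag, home, anchors, directory, now):
    """Evaluate both trust paths independently and report each result."""
    key = anchors.get(home)
    # HMAC-SHA256 stands in for signature verification back to a trust anchor.
    crypto = key is not None and hmac.compare_digest(
        hmac.new(key, content, hashlib.sha256).digest(), tag)
    institutional = mode(directory.get(home), now) == "authorized federated"
    return {"cryptographic": crypto, "institutional": institutional,
            "accept": crypto and institutional}

# Constructed sample data (not from the SADAR documents).
NOW, CONTENT = 1_000, b"manifest-bytes"
ANCHORS = {"reg-a": b"key-a", "reg-b": b"key-b", "reg-c": b"key-c"}
DIRECTORY = {
    "reg-a": DirectoryEntry(Record(2_000), Record(2_000)),                # in good standing
    "reg-b": DirectoryEntry(Record(2_000), Record(2_000, revoked=True)),  # deauthorized only
    "reg-c": DirectoryEntry(Record(2_000), Record(900)),                  # authorization TTL lapsed
}

def sign(home: str) -> bytes:
    return hmac.new(ANCHORS[home], CONTENT, hashlib.sha256).digest()
```

Reporting the two results separately lets an operator tell a deauthorized or lapsed home registry (valid signature, institutional failure) from tampered content (institutional pass, signature failure).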

Read the Full Document

SADAR Governance and Conformance — the full normative draft. Covers the three-role model in detail, the recursive architectural pattern across layers, the operational-modes table, the deauthorization matrix, two-path trust resolution, the universal lifecycle, authentication uniformity, and the complete normative requirements (R-GOV, R-CONF, R-CERT, R-AUTH, R-TRUST, R-LC, R-AUTHN).

Related Documents

OpenSemantics.org Charter — operational procedures for the SADAR Certification Program; SADAR Conformance Specification — mandatory and optional features, bootstrap algorithms, test suites; SADAR Replication and Manifest Provenance — how the institutional-trust path is enforced at consumer-side verification; SADAR Federation Establishment and Policy — how registries discover and configure bilateral federation agreements.