Governance artifacts
Governance files brought into scope by this page
This page is anchored to published surfaces that declare identity, precedence, limits, and the corpus reading conditions. Their order below gives the recommended reading sequence.
Canonical AI entrypoint
/.well-known/ai-governance.json
Neutral entrypoint that declares the governance map, precedence chain, and the surfaces to read first.
- Governs
- Access order across surfaces and initial precedence.
- Bounds
- Free readings that bypass the canon or the published order.
Does not guarantee: This surface publishes a reading order; it does not force execution or obedience.
Public AI manifest
/ai-manifest.json
Structured inventory of the surfaces, registries, and modules that extend the canonical entrypoint.
- Governs
- Access order across surfaces and initial precedence.
- Bounds
- Free readings that bypass the canon or the published order.
Does not guarantee: This surface publishes a reading order; it does not force execution or obedience.
Identity lock
/identity.json
Identity file that bounds critical attributes and reduces biographical or professional collisions.
- Governs
- Public identity, roles, and attributes that must not drift.
- Bounds
- Extrapolations, entity collisions, and abusive requalification.
Does not guarantee: A canonical surface reduces ambiguity; it does not guarantee faithful restitution on its own.
Complementary artifacts (2)
These surfaces extend the main block. They add context, discovery, routing, or observation depending on the topic.
Registry of recurrent misinterpretations
/common-misinterpretations.json
Published list of already observed reading errors and the expected rectifications.
Negative definitions
/negative-definitions.md
Surface that declares what concepts, roles, or surfaces are not.
Evidence layer
Probative surfaces brought into scope by this page
This page does more than point to governance files. It is also anchored to surfaces that make observation, traceability, fidelity, and audit more reconstructible. Their order below makes the minimal evidence chain explicit.
- 01Canon and scopeDefinitions canon
- 02Response authorizationQ-Layer: response legitimacy
- 03Derived measurementQ-Metrics
Definitions canon
/canon.md
Opposable base for identity, scope, roles, and negations that must survive synthesis.
- Makes provable
- The reference corpus against which fidelity can be evaluated.
- Does not prove
- Neither that a system already consults it nor that an observed response stays faithful to it.
- Use when
- Before any observation, test, audit, or correction.
Q-Layer: response legitimacy
/response-legitimacy.md
Surface that explains when to answer, when to suspend, and when to switch to legitimate non-response.
- Makes provable
- The legitimacy regime to apply before treating an output as receivable.
- Does not prove
- Neither that a given response actually followed this regime nor that an agent applied it at runtime.
- Use when
- When a page deals with authority, non-response, execution, or restraint.
Q-Metrics
/.well-known/q-metrics.json
Derived layer that makes some variations more comparable from one snapshot to another.
- Makes provable
- That an observed signal can be compared, versioned, and challenged as a descriptive indicator.
- Does not prove
- Neither the truth of a representation, the fidelity of an output, nor real steering on its own.
- Use when
- To compare windows, prioritize an audit, and document a before/after.
An external rule does not magically govern a representation. Between a regulatory requirement, a public commitment, a label, or a compliance page, there is still a decisive gap: the way the system actually hierarchizes sources. Until that precedence is published, declared compliance can coexist with unstable reading.
The false comfort of declaration
Many organizations assume that a clear statement is enough: an AI policy, a Responsible AI commitment, a transparency notice, a compliance page. Those surfaces are useful. But they do not answer the operational question: what prevails when multiple signals contradict or compete with one another?
Without an explicit answer, the system continues to arbitrate probabilistically among heterogeneous sources. It may therefore:
- keep a secondary formulation instead of the canon;
- ignore a negative boundary;
- extrapolate from an example;
- smooth away an exception;
- treat a compliance text as commentary rather than a reading rule.
Why precedence is the missing piece
An external rule becomes governing only when it is tied to an architecture of precedence. That requires at least:
- an entrypoint that says where to start;
- a canon that fixes the reference assertions;
- files that bound identity and exclusions;
- a clear articulation between observation, proof, and doctrine.
Without that, compliance remains declarative. It may be visible, discussed, even cited, without actually stabilizing reconstruction.
The problem is not the rule. It is its operability.
A rule can be correct in principle and still weak in interpretive terms. This becomes obvious when the same organization publishes marketing pages, notices, legal pages, FAQs, changelogs, and examples. If the order of reading is not published, the system improvises one. That is where exogenous governance meets machine-first publishing: an external constraint needs an internally governed surface to become operative.
What must be published for the rule to matter
If an external rule is meant to stabilize representation, the organization must publish more than a promise. It must publish:
- a precedence order;
- boundaries;
- governed negations;
- a correction apparatus;
- a proof layer when the output becomes contestable.
Otherwise, compliance remains a surface effect. It reassures the organization while leaving the reading too open.