“Verified” is only worth what the method behind it can withstand. A tier badge a skeptic cannot audit is a marketing claim; a tier badge backed by a public, versioned methodology is a standard. This document is that methodology — the exact checks behind each v=AEO1 verification tier, and the precise boundary of what a tier attests.
Every tier is a defined combination of two independent things, which must never be conflated:
The record originates from the domain owner — proven by DNS control — and the facts are untampered since signing — proven by the Ed25519 signature over the NFC-canonical fact set. This is binary and machine-checkable.
How far the issuing authority went to check the facts against independent sources before assigning the tier. This is a claim about diligence at a point in time — not a warranty of ongoing or absolute truth. Consuming agents weight trust by tier and freshness.
| Check | What it verifies | Pass criterion |
|---|---|---|
| C1 · integrity | The _aeo TXT record is well-formed and carries the required tags. | Parses under the AEO1 grammar. |
| C2 · control | The record is published under the described domain's DNS — proving the publisher controls the domain. The anchor other AI-trust mechanisms leave out of scope; AEO1's foundation. | Resolves at _aeo.<domain> (A-label form for IDNs). |
| C3 · signature | The Ed25519 signature verifies over the canonical fact set (NFC + codepoint order) against the issuer's published key. | verify() true; tamper-evident. |
| C4 · key status | Issuer key resolvable at /.well-known/aeo-public-key.json, status active or retired (not revoked). | A usable key is found. |
| C5 · consistency | The facts fetched from catalog= hash to the signed facts_hash. | Recomputed hash == signed hash. |
| C6 · attestation | The domain owner explicitly attested the facts, captured and timestamped. | Attestation on record (last_confirmed_at). |
| C7 · corroboration | Degree of independent checking: none / enrolled-only / human-review-or-1-source / multi-source-agreement. Scored as of the verification date; sources logged. | Meets the depth required by the target tier. |
| C8 · freshness | verified_at within the acceptable window for the fact class; time-sensitive facts (hours, pricing) age faster. | Within window. |
Each tier is a defined set of checks; every higher tier is a strict superset of the one below it.
| Tier | Checks required | What it attests |
|---|---|---|
| self_declared | C1 + owner-supplied | The owner published this. No authority, no signature, no corroboration. |
| listed | C1, C2 + enrolled | Provenance + domain control, catalog published. No fact review. |
| verified | C1–C6 + C7 at “human-review or ≥1 independent source” | Authentic, owner-attested, and checked to that depth as of verified_at. |
| grounded | all of verified + C7 at “≥2 independent sources in agreement” + signed | The highest diligence claim AEO1 makes. |
Consuming agents MAY require a minimum tier for sensitive queries — for example, grounded before citing time-sensitive or safety-relevant facts such as emergency-service hours.
AEO1 attests provenance, authenticity, and corroboration-depth-as-of-a-date. It does not warrant that a fact is true in the world, nor that a fact remains true after verified_at.
“grounded” means “corroborated against multiple independent sources, in agreement, as of verified_at” — not a perpetual guarantee of truth. Consuming agents apply freshness (C8) and their own tier thresholds. The issuing authority's diligence is bounded by the named source types and the verification date; it is not an insurer of the underlying facts.
This is the issuer-vs-truth split every credential ecosystem uses: the signature attests who declared what, when, and the diligence performed — not the truth of the underlying claim.
This is version 1.0. Changes are versioned and linkable, so a verifier can pin the methodology a given record was assessed under. This version supersedes nothing.