Skip to content

UCCO Foundation — Infrastructure Brief v1

Date: 14 March 2026
From: Tim (via Claude)
For: Alex

SURFACE: ucco.foundation (NEW — separate ecosystem)

DO NOT TOUCH: ucca-engine, ucca-docs, ucca-authenticator, ir.ucca.online, keys.ucca.online, ops.ucca.online, rtopacks.com.au, vcc.ucca.online

→ ALEX

What this is

A completely separate infrastructure ecosystem for the UCCO Foundation — the neutral standards body that stewards the UCCO open specification. This is NOT part of the UCCA Inc commercial stack. Separate Cloudflare account. Separate GitHub org. Separate domain. Separate everything.

Do not touch the UCCA codebase. Do not reference UCCA workers or databases. Build fresh against the patterns you know.

Phase 1 — Human actions required BEFORE you start (Tim does these)

Tim must complete these before Alex can begin:

  1. Register ucco.foundation domain — Porkbun recommended
  2. Create new Cloudflare account — foundation@ucco.foundation (new email)
  3. Add ucco.foundation zone to new CF account
  4. Create GitHub org ucco-foundation — public
  5. Create repo ucco-foundation/ucco-standard — public
  6. Create repo ucco-foundation/ucco-site — public
  7. Invite Alex as member of ucco-foundation GitHub org

Tim confirms when done. Alex does not proceed until confirmed.

Phase 2 — Alex builds

2.1 Cloudflare Workers — foundation stack

Worker: ucco-site - Zone: ucco.foundation - Serves the MkDocs static site - Routes: ucco.foundation/*

Worker: ucco-api
- Zone: api.ucco.foundation - Handles: contributor registration, download tracking, mailing list signup - D1 database: foundation-db (see schema below)

D1 database: foundation-db

-- Contributor registry
CREATE TABLE contributors (
  id TEXT PRIMARY KEY,
  name TEXT NOT NULL,
  email TEXT NOT NULL UNIQUE,
  organisation TEXT,
  jurisdiction TEXT,
  created_at TEXT NOT NULL,
  verified_at TEXT,
  contributor_hash TEXT UNIQUE
);

-- Document download log
CREATE TABLE downloads (
  id TEXT PRIMARY KEY,
  document_id TEXT NOT NULL,
  document_version TEXT NOT NULL,
  contributor_id TEXT,
  ip_hash TEXT,
  downloaded_at TEXT NOT NULL,
  country_code TEXT
);

-- Mailing list
CREATE TABLE mailing_list (
  id TEXT PRIMARY KEY,
  email TEXT NOT NULL UNIQUE,
  name TEXT,
  subscribed_at TEXT NOT NULL,
  confirmed_at TEXT,
  confirmation_token TEXT
);

-- Public comment log
CREATE TABLE comments (
  id TEXT PRIMARY KEY,
  contributor_id TEXT,
  document_id TEXT NOT NULL,
  document_version TEXT NOT NULL,
  section_reference TEXT,
  comment_text TEXT NOT NULL,
  submitted_at TEXT NOT NULL,
  status TEXT DEFAULT 'received'
);

-- Document registry
CREATE TABLE documents (
  id TEXT PRIMARY KEY,
  title TEXT NOT NULL,
  version TEXT NOT NULL,
  status TEXT NOT NULL,
  published_at TEXT NOT NULL,
  pdf_path TEXT,
  docx_path TEXT,
  download_count INTEGER DEFAULT 0
);

2.2 MkDocs Site

Stack: MkDocs + Material theme — same pattern as ucca-docs but deployed independently to ucco.foundation

Site structure: 

ucco.foundation/
├── /                     — Home / landing
├── /standard/            — Current specification
│   ├── /v1.0/           — UCCO v1.0
│   ├── /v1.1/           — UCCO v1.1 (current)
│   └── /v2.0-draft/     — Working draft
├── /contribute/          — How to contribute
├── /register/            — Contributor registration form
├── /comment/             — Submit public comment
├── /download/            — Download specs (PDF + DOCX)
└── /governance/          — Foundation governance documents

Navigation tabs: Standard | Contribute | Governance | Download

Theme: Dark navy / teal — consistent with UCCO brand but visually distinct from ucca.online. Use IBM Plex (already licensed). Strict CSP.

2.3 API Endpoints

POST /api/register 

{
  "name": "string",
  "email": "string",
  "organisation": "string (optional)",
  "jurisdiction": "string (optional)",
  "mailing_list": true
}
- Creates contributor record in foundation-db - Generates contributor_hash (SHA-256 of email + created_at + salt) - Sends confirmation email via Resend - Optionally adds to mailing list - Returns: { contributor_id, contributor_hash, status: "pending_verification" }

POST /api/download 

{
  "document_id": "string",
  "document_version": "string",
  "contributor_id": "string (optional)"
}
- Logs download event to foundation-db - Increments download_count on documents table - Returns: signed download URL (R2 object, 5 min expiry) - Anonymous downloads permitted — contributor_id optional

POST /api/comment 

{
  "contributor_id": "string",
  "document_version": "string",
  "section_reference": "string (optional)",
  "comment_text": "string"
}
- Requires verified contributor_id - Logs comment to foundation-db - Sends acknowledgement email - Returns: { comment_id, status: "received" }

POST /api/subscribe 

{
  "email": "string",
  "name": "string (optional)"
}
- Adds to mailing list - Sends double opt-in confirmation via Resend - No contributor record required

GET /api/stats (public) 

{
  "contributors": 0,
  "downloads": { "v1.0": 0, "v1.1": 0 },
  "comments_received": 0
}
- Public stats for the landing page - No PII exposed

2.4 R2 Storage

Bucket: ucco-foundation-docs - Stores PDF and DOCX versions of all spec documents - Served via signed URLs (5 min expiry) — not publicly browsable - Initial contents (Tim uploads after bucket created): - specs/UCCO-Standard-v1.0-Draft.pdf - specs/UCCO-Standard-v1.0-Draft.docx - specs/UCCO-Standard-v1.1-Draft.pdf - specs/UCCO-Standard-v1.1-Draft.docx

2.5 Email — Resend

From address: foundation@ucco.foundation
DKIM: Configure on ucco.foundation zone

Email types: - Contributor registration confirmation - Download receipt (if contributor_id provided) - Comment acknowledgement - Mailing list double opt-in - Mailing list announcements (manual trigger, admin only)

2.6 GitHub repo — ucco-standard

README.md — Tim will provide content (Claude writing separately)

Repo structure: 

ucco-standard/
├── README.md
├── CONTRIBUTING.md
├── GOVERNANCE.md
├── specs/
│   ├── v1.0/
│   │   └── UCCO-Standard-v1.0-Draft.docx
│   └── v1.1/
│       └── UCCO-Standard-v1.1-Draft.docx
├── working-drafts/
│   └── v2.0/
│       └── UCCO-SessionNotes-2026-03-14.md
└── conformance/
    └── README.md  (placeholder — test suite TBD)

GitHub settings: - Issues enabled — public comment channel - Discussions enabled — community forum - No PR merge without Tim review - Branch protection on main - Issue templates: Bug Report | Specification Question | Public Comment | Conformance Query

Phase 3 — Content (Tim + Claude provide, Alex commits)

Alex commits but does not write: - README.md - CONTRIBUTING.md - GOVERNANCE.md - All MkDocs page content - Issue templates

Claude writes these. Tim reviews. Alex commits.

What this is NOT

  • Not a demo or sandbox
  • Not connected to UCCA commercial infrastructure in any way
  • Not publishing UCCA implementation code
  • Not a product — a standards body

The foundation publishes the specification. UCCA publishes nothing about how it implements the specification. These are permanently separate.

Deployment checklist

  • Tim: register ucco.foundation
  • Tim: create CF account for foundation
  • Tim: add ucco.foundation zone
  • Tim: create GitHub org ucco-foundation
  • Tim: create ucco-standard repo (public)
  • Tim: create ucco-site repo (public)
  • Tim: invite Alex to org
  • Alex: create foundation-db D1 database
  • Alex: create ucco-foundation-docs R2 bucket
  • Alex: deploy ucco-site Worker
  • Alex: deploy ucco-api Worker
  • Alex: configure DKIM for ucco.foundation
  • Alex: configure DNS (A, CNAME, MX records)
  • Tim: upload spec documents to R2
  • Tim: seed documents table with initial records
  • Alex: deploy MkDocs site content
  • Both: end-to-end test — register, download, comment flow

→ TIM

What this builds

A completely independent home for the UCCO open standard. Separate from UCCA Inc in every way that matters — separate domain, separate Cloudflare account, separate GitHub, separate email. When ISO or W3C look at it they see a neutral standards body, not a company hosting its own spec.

What it does

  • Publishes v1.0 and v1.1 of the UCCO specification for download (PDF + DOCX)
  • Lets anyone register as a contributor
  • Lets contributors submit public comments on draft specifications
  • Logs every download — we know who's reading it
  • Runs a mailing list for public comment notifications and new version announcements
  • Hosts the GitHub repos where the standard lives publicly

Why the code stays out

The foundation publishes the standard. UCCA publishes nothing about how it implements the standard. Anyone smart enough to build a conforming implementation deserves what that brings. Anyone who can't build one can use UCCA's. These are permanently different things.

Why separate infrastructure

The foundation cannot appear to be a subsidiary of UCCA Inc. Separate account, separate billing, separate everything. This is what makes the governance commitment in v1.1 credible — the structure is already separate, not promised to be someday.

The testbed insight

Every person who registers to read about UCCO gets a basic contributor object. That object is their first interaction with the system UCCO describes. When the authenticator app is ready, they can upgrade it. The first users of UCCO are the people who come to learn about UCCO. That's intentional.

Human actions needed from you before Alex starts

  1. Register ucco.foundation at Porkbun
  2. Create a new Cloudflare account (use foundation@ucco.foundation as email — create that email first via Resend or similar)
  3. Add ucco.foundation zone to the new CF account
  4. Create GitHub org ucco-foundation
  5. Create two public repos: ucco-standard and ucco-site
  6. Invite Alex as member

Then tell Alex to go.

Urgents still on the board

  • GitHub PAT ucca-engine-push expires March 26 — renew this week
  • ucca.com.au + ucca.asia expire March 24 — renew this week