{
  "schema": "https://ewii.delta-telematics.ca/schemas/trust-center-manifest/v1",
  "version": "1.0",
  "issued": "2026-05-11",
  "next_review": "2026-08-11",
  "vendor": {
    "legal_name": "Delta Telematics Canada Inc.",
    "registered_office": {
      "city": "Fredericton",
      "province": "New Brunswick",
      "country": "Canada"
    },
    "security_contact": "security@delta-telematics.ca",
    "public_trust_center": "https://ewii.delta-telematics.ca/trust",
    "pack_canonical_url": "https://ewii.delta-telematics.ca/api/trust-center-download"
  },
  "product": {
    "name": "Ewii Secure MCP VPN",
    "deployment_model": "self_hosted",
    "vendor_operates_runtime_component": false,
    "vendor_sees_customer_data": false,
    "components": {
      "controller": {
        "role": "control_plane",
        "deployed_by": "operator",
        "marketing_name": "Hub (operator-side stack)"
      },
      "relay": {
        "role": "regional_quic_terminator",
        "deployed_by": "operator",
        "marketing_name": "Hub (operator-side stack)",
        "scaling": "horizontal — N nodes per region behind L4 load balancing"
      },
      "tunnel_agent": {
        "role": "customer_side_proxy",
        "deployed_by": "operators_customer",
        "marketing_name": "Client"
      }
    },
    "components_vendor_operates": ["container_registry", "signing_keys", "advisory_channel"]
  },
  "cryptographic_primitives": [
    {"primitive": "ChaCha20-Poly1305", "role": "application_aead", "spec": "RFC 8439", "layer": "application"},
    {"primitive": "X25519", "role": "ephemeral_key_exchange", "spec": "RFC 7748", "layer": "handshake"},
    {"primitive": "HKDF-SHA256", "role": "key_derivation", "spec": "RFC 5869", "layer": "handshake"},
    {"primitive": "SPIFFE/SVID (X.509)", "role": "workload_identity", "spec": "SPIFFE v1.0 §4", "layer": "identity", "rotation_hours": 24},
    {"primitive": "QUIC + TLS 1.3", "role": "transport", "spec": "RFC 9000 + RFC 8446", "layer": "transport"},
    {"primitive": "Cosign / Sigstore", "role": "container_image_signing", "spec": "Sigstore project", "layer": "supply_chain"},
    {"primitive": "Sliding-window replay protection", "role": "anti_replay", "spec": "NIST SP 800-38D", "layer": "application"}
  ],
  "cryptographic_agility": {
    "current_suite": "v1: ChaCha20-Poly1305 + X25519 + HKDF-SHA256",
    "post_quantum_roadmap": "PQ-hybrid (Kyber-768) targeted 2027",
    "fips_path_roadmap": "AES-256-GCM suite alternative under evaluation"
  },
  "identity_model": {
    "scheme": "SPIFFE / X.509 SVID",
    "issuer": "customer-controlled identity authority",
    "rotation_hours": 24,
    "trust_bundles_per_tenant": true,
    "no_password_path": true,
    "no_api_key_path": true,
    "revalidation": "per-query"
  },
  "supply_chain": {
    "image_signing": {
      "tool": "Cosign / Sigstore",
      "transparency_log": "rekor.sigstore.dev",
      "verification_command": "cosign verify --certificate-identity-regexp 'release@delta-telematics\\.ca' --certificate-oidc-issuer 'https://accounts.google.com' registry.delta-telematics.ca/ewii/hub:<TAG>"
    },
    "sbom": {
      "format": "SPDX 2.3",
      "attached_as": "cosign attestation",
      "retrieval": "cosign download attestation --predicate-type https://spdx.dev/Document registry.delta-telematics.ca/ewii/hub:<TAG>"
    },
    "vulnerability_scanning": {
      "per_commit": ["govulncheck", "npm_audit", "trivy"],
      "weekly_rescan": true,
      "block_on": ["CRITICAL with available fix", "HIGH with available fix"]
    },
    "registry": {
      "host": "registry.delta-telematics.ca",
      "jurisdiction": "Canada",
      "push_access": "single CI service account, hardware-token-protected"
    },
    "reproducible_builds": true
  },
  "vulnerability_disclosure": {
    "email": "security@delta-telematics.ca",
    "security_txt": "https://ewii.delta-telematics.ca/.well-known/security.txt",
    "pgp_public_key": "https://ewii.delta-telematics.ca/.well-known/security-pubkey.asc",
    "pgp_fingerprint": "A186 9048 F5F7 18EE E885 B16F 873B 4429 FB79 1B25",
    "pgp_algorithm": "Ed25519 (signing) + Cv25519 (encryption subkey)",
    "github_advisory": "https://github.com/aizukanne/ewii-website/security/advisories/new",
    "slas": {
      "initial_acknowledgement_business_days": 1,
      "triage_business_days": 5,
      "status_update_cadence_days": 7,
      "coordinated_disclosure_days": 90,
      "patch_after_critical_disclosure_days": 7
    },
    "safe_harbor": true,
    "acknowledgement_page": "https://ewii.delta-telematics.ca/trust#acknowledgements"
  },
  "threat_model": {
    "in_scope_adversaries": [
      "compromised relay (observable, may be fully controlled)",
      "adversarial operator network with hostile co-tenants",
      "ciphertext-replay adversary",
      "TLS downgrade / version-rollback adversary",
      "SVID forgery / theft adversary"
    ],
    "out_of_scope": [
      "endpoint compromise at Client host",
      "insider threat at operator Hub host",
      "side-channel attacks on underlying primitive implementations",
      "DDoS",
      "application-layer attacks on customer-side database content"
    ]
  },
  "sovereignty": {
    "vendor_jurisdiction": "Canada (federal incorporation, NB registered office)",
    "us_extraterritorial_exposure": "none",
    "us_subsidiary": false,
    "us_parent": false,
    "us_personnel_with_privileged_access": false,
    "recommended_deployment_posture": "Canadian datacenters operated by Canadian-controlled entities; Canadian KMS for keys",
    "control_mappings_available": ["ITSG-33", "Protected B alignment"]
  },
  "soc2_self_attestation": {
    "type": "self_attestation",
    "external_audit_status": "not_yet",
    "external_audit_roadmap_year": 2027,
    "trust_service_criteria_claimed": ["Security (CC1-CC9)", "Confidentiality (C1)"],
    "trust_service_criteria_not_claimed_with_reason": {
      "Availability (A)": "customer-operated runtime; vendor does not control availability of customer deployment",
      "Processing Integrity (PI)": "customer-operated runtime",
      "Privacy (P)": "vendor does not collect or process customer end-user data"
    }
  },
  "sub_processors_for_customer_data": [],
  "supply_chain_dependencies": [
    {"name": "GitHub", "role": "source_code_hosting", "substitutable": true},
    {"name": "Sigstore (rekor.sigstore.dev, fulcio.sigstore.dev)", "role": "public_transparency_log", "substitutable": "in_principle"},
    {"name": "Canadian datacenter (registry hosting)", "role": "registry_host", "substitutable": true, "sees_customer_data": false}
  ],
  "deployment_hardening_checklist_published": true,
  "deployment_hardening_checklist_section": "11",
  "document_maintenance": {
    "current_version": "1.0",
    "issued": "2026-05-11",
    "next_scheduled_review": "2026-08-11",
    "review_cadence": "quarterly",
    "out_of_band_updates_on_material_change": true,
    "subscribers_notified_via": "security@delta-telematics.ca"
  }
}