Field notes

Field notes

Working commentary on Canadian sovereign defence infrastructure. Written for procurement, engineering, and accreditation leads at primes and federal departments.

  1. A procurement checklist for the sovereign Kubernetes supply chain

    Fifteen criteria for any vendor in the trust path of a classified Kubernetes deployment: the question to ask in an RFP, the evidence that answers it, and the red flag that fails it. The closing essay in the series.

    Read
  2. The cost Canada cannot measure

    Canada is spending $81.8B to rebuild its defence industry and named Secure Cloud a sovereign capability. The platforms its primes run classified workloads on are still under US legal authority. The cost of that exposure is invisible by design, and the absence is itself the cost.

    Read
  3. Accreditation by emission, not collection

    ITSG-33 evidence for a Protected B system is assembled by hand today, a year-or-more job repeated per system and redone on every significant change. What changes when the deployment chain emits that evidence at every signed apply, instead of a team collecting it after the fact.

    Read
  4. The path from build to classified deployment

    A hash in a lockfile tells you the bytes haven't changed since you locked them. It cannot tell you they were ever the right bytes.

    Read
  5. Europe's four levels of cloud sovereignty, read from Ottawa

    On June 3, 2026, the EU proposed a cloud-procurement law that sorts vendors into four sovereignty levels and puts defence at the top one. It is the residency-versus-jurisdiction distinction, written down, and useful in Canada long before it becomes law.

    Read
  6. Canadian-jurisdictional, not Canadian-hosted

    Residency is a question about geography. Jurisdiction is a question about law. In-country hosting answers the first and leaves the second untouched on every surface that matters: the operator, the trust roots, the supply chain, the runtime, and the corporate parent.

    Read
  7. Reading the Defence Industrial Strategy as a software procurement signal

    $81.8B got the headlines. The 70% Canadian-procurement target and Canada's SAFE accession are what make vendor jurisdiction a real disqualifier in 2026.

    Read
  8. The CLOUD Act gap in Canadian defence infrastructure

    Every meaningful managed Kubernetes service is operated under foreign legal authority. For Canadian defence primes, the Defence Industrial Strategy makes that posture untenable.

    Read