We joined forces with MTG AG, a leader in public key infrastructures, to release JZLint 2.0 with support for analyzing post-quantum (PQC) certificates and their public keys.

JZLint 2.0 is a certificate linter that plays a crucial role in the issuance of digital certificates. Linting involves checking certificates for errors and ensuring their conformance to relevant specifications. This vital step is performed by public certificate authorities (CAs) to ensure compliance with technical standards and security requirements before the certificates are issued. Tools like JZLint play an essential role in the transition to post-quantum secure cryptography.

The new version of JZLint extends this linting capability to certificates utilizing post-quantum cryptographic algorithms such as ML-KEM (FIPS 203) and ML-DSA (FIPS 204). The in-depth analysis performed by JZLint is powered by Cryspen’s, formally verified, libcrux cryptography library written in Rust and verified through hax. Discover the JZLint command-line interface (CLI) today.

In collaboration with the University of Regensburg, we have also published a research paper supporting the development of PQC linting. This publication is available on ePrint and will be included in the proceedings of the Workshop on Secure Protocol Implementations in the Quantum Era (SPIQE). Presentation slides from the workshop can be found on the SPIQE website.

About MTG

MTG AG is a leading provider of advanced encryption technologies “Made in Germany”. MTG simplifies and centralizes the management of cryptographic keys and identities in companies and the public sector. With MTG ERS MTG offers an industry-specific implementation and easy integration of a complete key management lifecycle into selected business processes. MTG’s product portfolio includes Certificate Lifecycle Management (CLM), Public Key Infrastructures (PKI), Key Management Systems (KMS), and the integration of Hardware Security Modules (HSMs) – as cloud, managed, or on-premise solutions.