🧬 CBOM Seal
Seal your CycloneDX CBOM (Cryptographic Bill of Materials, ECMA-424) with a post-quantum Dilithium-2 signature and a verifiable drand timestamp — and give anyone a free tool to verify it. Prove your declared crypto inventory for PQC-readiness disclosure.
NSA's CNSA 2.0 requires new/updated National Security Systems to be post-quantum by January 2027, with broader migration running 2030–2035. Enterprise & government procurement is starting to ask vendors to disclose their cryptographic posture. A CBOM is that machine-readable inventory; this seal makes it tamper-evident, timestamped, and quantum-resistant with Dilithium-2 (NIST FIPS 204) — resistant to known classical and quantum attacks, not "unbreakable".
Honest scope: this seals the inventory YOU declare — proving integrity, prior existence and non-repudiation. It is not an audit of correctness/completeness and does not certify that you are PQC-ready or compliant with CNSA 2.0 or any regulation. The quantum-vulnerable counts below are informational, not an audit.
1 · Seal your CBOM (paid / metered)
Why this matters (the PQC clock)
- CNSA 2.0 (NSA): new & updated National Security Systems must be post-quantum by Jan 2027; broad migration 2030–2035.
- US OMB M-23-02 and enterprise/government procurement increasingly require disclosing cryptographic posture (PQC-readiness) in 2026–27.
- CycloneDX CBOM (ECMA-424) is the standard machine-readable format for a cryptographic inventory — the “where is RSA/ECDSA still used?” question.
- Buyers want a signed, timestamped, tamper-evident inventory they can independently re-verify — not a PDF you could edit later.
- Our differentiator: the signature is post-quantum (Dilithium-2) and the timestamp is a public drand round, so the seal stays verifiable and un-backdatable even against a future quantum adversary.
This is a technical attestation tool, not legal or compliance advice. It seals and timestamps your declared inventory; whether you are compliant depends on your actual systems and your obligations.
Pricing
*Fair-use rate-limited (60/min) to keep the free tools available for everyone.