The following list is a collection of areas, where some work is needed

* make sure that critical files are checked more rigid (filesystem permissions)
* implement message signing for RSA keys
* implement verification of certificates against rules
* implement verification of certificates against CSRs
* implement a way to convert keys to SSH format (separate tool?)
* find a way to get ED25519 working
* implement info command

* add zlint support for linting certificates