A Post-Quantum Future for Let's Encrypt
5 hours ago
- #Post-Quantum Cryptography
- #Merkle Tree Certificates
- #Web PKI
- Let's Encrypt is planning to adopt Merkle Tree Certificates (MTCs) as a post-quantum-safe solution for the Web PKI, aiming for staging in late 2026 and production by 2027.
- MTCs address the size issue of post-quantum signatures by batching certificates with a single signature, reducing handshake size and integrating transparency directly into issuance.
- The urgency for post-quantum authentication is increasing due to global mandates and tech company commitments, with a timeline targeting migration by the end of the decade.
- MTCs' design eliminates the need for separate Certificate Transparency logs, making transparency inherent to the certificate issuance process.
- Let's Encrypt emphasizes that current certificates remain unchanged, and post-quantum certificates will be free, automated, and accessible via ACME clients when available.