Room 1.2
Invited Talk Parallel session Integrating PQC
Fully PQ TLS for the WWW
Thom Wiggers (PQShield, Senior Cryptography Researcher)
Post-quantum key exchange is now widely deployed: over 50% of traffic uses X25519MLKEM768. So we are moving to the next step: post-quantum certificates and digital signatures for authentication. Unfortunately, just using ML-DSA may lead to a melt down of the WebPKI by overloading Certificate Transparency logs and adding a very large amount of overhead. In this talk, Thom Wiggers will discuss the challenges, and what is being done in the Internet Engineering Task Force to combat the problem. In particular, we will cover the proposed Merkle Tree Certificates, which is probably the biggest change to the WebPKI in decades.