TL;DR
Let’s Encrypt announced plans to support Merkle Tree Certificates (MTCs) as a post-quantum solution, aiming for staging in late 2026 and production by 2027. This shift addresses the future threat of quantum computers to web security.
Let’s Encrypt announced it will support Merkle Tree Certificates (MTCs) as its primary approach to post-quantum web security, targeting deployment in late 2026 and full production by 2027.
The initiative aims to address the upcoming threat posed by cryptographically relevant quantum computers (CRQCs) that could break current web PKI cryptography. MTCs work by issuing certificates in batches, with a single cryptographic signature covering all certificates, reducing the size of handshake data compared to traditional methods.
This approach also enhances transparency, as each certificate is embedded within a Merkle tree, making certificate issuance inherently auditable through integrated Certificate Transparency. The plan is supported by ongoing experiments with Chrome and Cloudflare, and standardization efforts by the IETF’s PLANTS working group.
Why It Matters
This development is significant because it represents a proactive step by one of the web’s most influential certificate authorities to prepare for the transition to post-quantum cryptography. The move aims to balance security with performance, ensuring web security remains reliable as quantum threats become imminent.
Adopting MTCs could influence industry standards and accelerate the migration away from traditional cryptographic algorithms vulnerable to quantum attacks, affecting billions of internet connections.
post-quantum SSL/TLS certificates
As an affiliate, we earn on qualifying purchases.
As an affiliate, we earn on qualifying purchases.
Background
Over recent years, the cryptography community has recognized the need for post-quantum algorithms, with US and EU agencies setting deadlines for migration by the early to mid-2030s. Major tech companies like Google and Cloudflare have announced plans to phase out vulnerable algorithms by 2029 and 2030, respectively. The challenge has been integrating larger post-quantum signatures into the existing web PKI without degrading performance or user experience.
Current signatures such as RSA-2048 and ECDSA are significantly smaller than post-quantum schemes like ML-DSA-44, which can be over 2,400 bytes, making widespread adoption difficult due to bandwidth and latency concerns. MTCs offer a promising alternative by batching certificates and leveraging Merkle trees for efficient, transparent validation.
“Our support for Merkle Tree Certificates is a strategic move to ensure the web remains secure against future quantum threats without sacrificing performance.”
— Let’s Encrypt spokesperson
“MTCs are our preferred path for integrating post-quantum certificates into the public web, aligning with ongoing standardization efforts.”
— Chrome developer
Merkle Tree Certificate authority
As an affiliate, we earn on qualifying purchases.
As an affiliate, we earn on qualifying purchases.
What Remains Unclear
Details remain unclear about the exact technical implementation, the timeline for widespread adoption, and how existing infrastructure will transition smoothly. The final standardization process and industry acceptance are still in progress.
Practical Lattice-Based Cryptography Using Python: A Hands-On Guide to Post-Quantum Cryptography, Kyber, and Dilithium Implementations
As an affiliate, we earn on qualifying purchases.
As an affiliate, we earn on qualifying purchases.
What’s Next
Next steps include finalizing the MTC standard through IETF, developing and testing the staging environment in late 2026, and gradually rolling out the technology in production environments during 2027. Ongoing collaboration with browser vendors, CAs, and infrastructure providers will be critical.
EyezOn Envisalink EVL-4EZR IP Security Interface Module for DSC and Honeywell (Ademco) Security Systems, Compatible with Alexa
Eyez-On EVL-4
As an affiliate, we earn on qualifying purchases.
As an affiliate, we earn on qualifying purchases.
Key Questions
What are Merkle Tree Certificates?
They are certificates issued in batches, with a single cryptographic signature covering all certificates, using Merkle trees for efficient validation and transparency.
Why is this transition necessary?
Quantum computers could break current cryptographic algorithms, threatening the security of the web PKI. MTCs aim to provide a scalable, post-quantum secure solution.
When will MTCs be widely adopted?
Support is planned to begin in late 2026 with staging, with full production expected by 2027, pending standardization and industry readiness.
How will this affect web performance?
MTCs are designed to reduce handshake size compared to naive post-quantum signatures, aiming to minimize impact on network performance and user experience.
Source: Hacker News
