Ken
Roger A. GrimesThe best article on Google's push to Merkle tree certificates for post-quantum handling I've seen. I was going to write an article on this, but this one is better than what I would have written. If you don't know what's going on in the PKI world, how Google is upending traditional PKI certificate handling in the post-quantum world, or what Merkle tree certificate is, this is the article to read.
https://postquantum.com/security-pqc/googles-merkle-tree-mtc-https/
Google’s Merkle Tree (MTC) Gambit to Quantum-Proof HTTPS
Google will not put post-quantum signatures into traditional X.509 certificates for Chrome. Instead, the company announced in February 2026 a fundamentally different architecture - Merkle Tree Certificates (MTCs) - that shrinks quantum-resistant TLS authentication data from roughly 14,700 bytes down to as little as 736 bytes, making post-quantum HTTPS potentially smaller than today's classical certificate chains. The approach, developed jointly with Cloudflare and now being standardized through the IETF's newly formed PLANTS working group, integrates Certificate Transparency directly into the issuance process, replaces per-certificate signatures with compact hash-based inclusion proofs, and proposes an entirely new Chrome Quantum-resistant Root Store (CQRS)