Filippo ValsordaLast year, my position was that we still had time to design PQ authentication mechanisms.
Now, based on the pace of progress and on statements like Google's, I believe:
1. we need to finish rolling out PQ key exchange yesterday
2. we need to start rolling out PQ auth now
3. it's too late to ship any new non-PQ design or system
https://blog.google/innovation-and-ai/technology/safety-security/cryptography-migration-timeline/
Kevin