Hacker News Viewer

Top 20

Cloudflare targets 2029 for full post-quantum security

by ilreb on 4/7/2026, 2:07:34 PM

https://blog.cloudflare.com/post-quantum-roadmap/

Comments

by: rdl

It will be interesting to compare PQ rollout to HTTPS rollout historically (either the &quot;SSL becomes widespread in 2015&quot; thing, or the deprecation SSL 3.0). Cloudflare is in an easy position to do stuff like this because it can decouple end user&#x2F;browser upgrade cycles from backend upgrade cycles.<p>Some browsers and some end user devices get upgraded quickly, so making it easy to make it optionally-PQ on any site, and then as that rollout extends, some specialty sites can make it mandatory, and then browser&#x2F;device UX can do soft warnings to users (or other activity like downranking), and then at some point something like STS Strict can be exposed, and then largely become a default (and maybe just remove the non-PQ algorithms entirely from many sites).<p>I definitely was on team &quot;the risks of a rushed upgrade might outweigh the risks of actual quantum breaks&quot; until pretty recently -- rushing to upgrade has lots of problems always and is a great way to introduce new bugs, but based on the latest information, the balance seems to have shifted to doing an upgrade quickly.<p>Updating websites is going to be so much easier than dealing with other systems (bitcoin probably the worst; data at rest storage systems; hardware).

4/7/2026, 4:11:51 PM

by: hackerman70000

Cloudflare pushing PQ by default is probably the single most impactful thing that can happen for adotpion. Most developers will never voluntarily migrate their TLS config. Making it the default at the CDN layer means millions of sites get upgraded without anyone making a decision

4/7/2026, 4:09:27 PM

by: cetinsert

You can do PQ queries with us at qi.rt.ht!<p>Which one do you think is PQ-secure?<p><a href="https:&#x2F;&#x2F;qi.rt.ht&#x2F;?pq={api.,}{stripe,paypal}.com" rel="nofollow">https:&#x2F;&#x2F;qi.rt.ht&#x2F;?pq={api.,}{stripe,paypal}.com</a>

4/7/2026, 4:01:08 PM

by: Bender

Is this still theory or are there working Quantum systems that have broken anything yet?

4/7/2026, 3:47:31 PM

by: valeriozen

cloudflare making pq the default is the only way we get real adoption. most devs are never going to mess with their tls settings unless they absolutely have to. having it happen at the cdn level is the perfect silent upgrade for millions of sites without the owners needing to do anything

4/7/2026, 4:17:33 PM

by: 20k

Quantum computing, and the generic term &#x27;quantum&#x27; is gearing up to be the next speculative investment hype bubble after AI, so prepare for a lot of these kinds of articles

4/7/2026, 3:50:40 PM

by: heliumtera

And that changes what?

4/7/2026, 3:39:16 PM

by: ls612

The secrecy around this is precisely the opposite of what we saw in the 90s when it started to become clear DES needed to go. Yet another sign that the global powers are preparing for war.

4/7/2026, 3:05:56 PM