> > Unpopular pages are much more likely to deploy a solution that doesn't > require > a parallel CA infrastructure and a cryptographer on staff. >
CAs, TLS libraries, certbot, and browsers would need to make changes, but I think we can deploy this without webservers or relying parties having to make any changes if they're already using an ACME client except upgrading their dependencies, which they would need to do anyway to get plain X.509 PQ certs.
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
