
PQC migration and protocol bloat: what IAM teams should watch


(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 6713
Topic starter  

TL;DR: RFC 9958 frames post-quantum cryptography as an engineering migration, not a simple algorithm swap, highlighting risks such as larger keys, handshake failures, fragmentation, and brittle middleboxes, according to DigiCert. The practical lesson is that cryptographic change behaves like identity infrastructure change: sequencing, observability, and rollback matter more than slogan-level readiness.

NHIMG editorial — based on content published by DigiCert: RFC 9958: A field guide to post-quantum cryptography migration

Questions worth separating out

Q: How should security teams plan PQC migration for service and workload identity?

A: Start by inventorying where certificates, signatures, and TLS handshakes carry identity across systems.

Q: Why do post-quantum algorithms create integration risk in identity systems?

A: Because PQC often increases key and signature sizes, which changes handshake behaviour, certificate chain size, and transport tolerance.

Q: What do organisations get wrong about hybrid cryptography?

A: They often treat hybrid cryptography as a final design rather than a transition control.

Practitioner guidance

  • Inventory every certificate and signature path: map where public-key cryptography is used across TLS termination, service-to-service authentication, code signing, device enrolment, and long-lived data protection.
  • Test brittle network paths first: prioritise MTU-sensitive links, UDP-heavy protocols, older stacks, and deep proxy chains before broad pilots.
  • Separate algorithm choice from application code: move cryptographic selection into policy, libraries, or platform controls so algorithms can change without application rewrites.
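As an added illustration of the "protocol bloat" point (this is example code written for this post, not from the DigiCert guide or RFC 9958), the sketch below estimates how much a certificate chain and the server's first TLS flight grow when ECDSA P-256 is replaced by ML-DSA. The ML-DSA and ML-KEM sizes are the FIPS 204/203 values; the per-certificate overhead, the two-certificate chain shape and the TCP segment model are assumptions chosen to make the comparison concrete.

```python
import math

# Public-key / signature sizes in bytes. ECDSA values are typical encodings
# (uncompressed point, DER signature); ML-DSA values are from FIPS 204.
SIZES = {
    "ecdsa-p256": {"pk": 65, "sig": 72},
    "ml-dsa-44": {"pk": 1312, "sig": 2420},
    "ml-dsa-65": {"pk": 1952, "sig": 3309},
    "ml-dsa-87": {"pk": 2592, "sig": 4627},
}
# Server key-share sizes: X25519 alone vs. the hybrid X25519MLKEM768 share
# (32-byte X25519 point + 1088-byte ML-KEM-768 ciphertext, FIPS 203).
KEY_SHARE = {"x25519": 32, "x25519mlkem768": 1120}

CERT_OVERHEAD = 600      # assumed bytes per cert for names, extensions, DER framing
TCP_MSS = 1460           # payload per segment on a 1500-byte MTU path
INITCWND_SEGMENTS = 10   # RFC 6928 initial congestion window


def chain_bytes(chain, overhead=CERT_OVERHEAD):
    """chain: list of (subject_alg, issuer_alg) pairs, leaf first.
    Each certificate carries its subject's public key and its issuer's signature."""
    return sum(overhead + SIZES[s]["pk"] + SIZES[i]["sig"] for s, i in chain)


def server_flight(chain, kex, overhead=CERT_OVERHEAD):
    """Approximate bytes the server sends before the client can authenticate it:
    key share + Certificate chain + CertificateVerify (signed with the leaf key).
    Record framing, EncryptedExtensions and Finished are ignored (assumption)."""
    leaf_alg = chain[0][0]
    total = KEY_SHARE[kex] + chain_bytes(chain, overhead) + SIZES[leaf_alg]["sig"]
    segments = math.ceil(total / TCP_MSS)
    return {
        "bytes": total,
        "segments": segments,
        # True when the flight no longer fits the initial congestion window,
        # i.e. a fresh connection needs an extra round trip before finishing.
        "exceeds_initcwnd": segments > INITCWND_SEGMENTS,
    }


if __name__ == "__main__":
    # Constructed two-certificate chains (leaf + intermediate; root not sent).
    classical = [("ecdsa-p256", "ecdsa-p256")] * 2
    for alg in ("ml-dsa-44", "ml-dsa-65", "ml-dsa-87"):
        print(alg, server_flight([(alg, alg)] * 2, "x25519mlkem768"))
    print("ecdsa-p256", server_flight(classical, "x25519"))
```

Under these assumptions the ML-DSA-44 chain still fits the initial window while the ML-DSA-65 chain does not, which is exactly the kind of sequencing decision the guidance above asks teams to test on MTU-sensitive and proxy-heavy paths first.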

What's in the full article

DigiCert's full blog covers the operational detail this post intentionally leaves for the source:

  • A practical migration path for identifying where public-key cryptography lives in real systems, including TLS termination and code signing.
  • A deeper explanation of hybrid cryptography tradeoffs and where it helps as a bridge during rollout.
  • Engineering considerations for certificate size, handshake behaviour, and brittle infrastructure paths that can fail first.
  • Examples of how to evaluate pilot success using interoperability, rollout stability, and operational overhead.

👉 Read DigiCert's field guide to post-quantum cryptography migration →
