Next deadline: Member States to have started PQC migration — 171 days
The post-quantum countdown
Every dated deadline that is going to land on your desk, and what each one actually asks you to produce. Most of them ask for the same thing first: an inventory of the cryptography you are running. Almost nobody has one.
The quantum computer is not the deadline. The regulator is.
In effect now
PQC standards published — ML-KEM, ML-DSA, SLH-DSA
NIST · FIPS 203 / 204 / 205
The final post-quantum standards: ML-KEM (key encapsulation), ML-DSA and SLH-DSA (signatures).
Why it matters: The 'we're waiting for the standards' excuse expired here. Every deadline after this one assumes these algorithms are available, and they are.
Applies to: Everyone; the basis of every migration below
Maintain a documented inventory of the cipher suites and protocols in use, reviewed at least every 12 months, including a plan to respond to changes in cryptographic vulnerabilities.
Why it matters: This is not a quantum requirement and it is not in the future — it is a live, assessable control. A QSA can ask for the inventory today, and 'we don't have one' is a finding.
Applies to: Any entity storing, processing or transmitting cardholder data
CNSA 2.0 requires PQC signatures (ML-DSA / LMS / XMSS) for software and firmware signing, the earliest of its category deadlines.
Why it matters: Signing keys are the first thing anyone has to migrate, and the hardest — you cannot re-sign the past, and firmware in the field outlives the key that signed it.
Applies to: National Security Systems and their vendors — in practice, anyone selling software to US defence
112-bit classical security (RSA-2048, P-256 and friends) becomes deprecated after 2030 and disallowed after 2035.
Why it matters: This is the date your current TLS certificates, SSH keys and JWT signing keys stop being acceptable. Almost all of them are on this list.
Applies to: US federal systems, and every standard that follows NIST
Classical public-key crypto disallowed; US migration target
NIST / NSM-10 · NIST IR 8547; US National Security Memorandum 10
RSA/ECC disallowed. NSM-10 sets 2035 as the target for mitigating quantum risk across US systems.
Why it matters: This is the end of the runway, and it is the number every other regulator anchored to. Data you encrypt today that must stay secret past 2035 is already exposed — harvest now, decrypt later.
Applies to: US federal systems; the de-facto global backstop date
PQLens builds the inventory these deadlines ask for: across your code, dependencies, configs, certificates, keystores, TLS and SSH endpoints, JWKS, and cloud KMS. Free to run, 100% local — nothing about your code leaves the machine.
Regulatory dates move, and the wording matters more than the date. Every entry above links to its primary source — read it before you put a number in a board pack. Last verified 2026-07-13. We never claim any algorithm is “quantum-proof”; the honest words are quantum-vulnerable, quantum-weakened, PQC-ready, and hybrid.