Bas Westerbaan of Cloudflare joins us to discuss recent information that heightens concerns about Elliptic Curve Cryptography (ECC) and its vulnerability to a cryptographically relevant quantum computer (CRQC). We pose the question do we need to deprecate ECC in advance of our migration to ML-DSA and other PQC algorithms.
Tim Callan
Tim Callan has over 20 years of experience in the SSL and PKI technology spaces. Tim leads Sectigo's conformance with industry and regulatory requirements including browser root programs, WebTrust, CA/Browser Forum, and more. Tim is instrumental in driving initiatives to improve certificate agility and successful issuance. A founding member of the CA/Browser Forum and current vice-chair for one of its working groups, Tim is creator and co-host of Root Causes: A PKI and Security Podcast, the world’s most popular podcast dedicated to digital certificates. With 400+ episodes published, Tim is on the forefront of explaining trends that will be essential to the IT professionals, including shortening certificate lifespans and the coming change to post-quantum cryptography.
Recent posts by Tim Callan
Join this webinar to learn how modern private Certificate Authorities provide the foundation for managing machine identities at scale, while giving you the visibility, control, and automation required for today’s infrastructure.
We are freshly returned from the 2026 ETSI PQC Conference. We give a debrief on the conference, including the difference between post quantum cryptography (PQC) and quantum key distribution (QKD), the algorithmic zoo, PQC for blockchain, the Dunning Kruger Effect, and cryptographic Frogger.
The session covers NIST’s published PQC standards and ongoing work around Falcon, HQC, and the post-quantum “onramp,” along with migration timelines, the NCCoE Migration to PQC project, and key considerations for the U.S. government’s transition to quantum-resistant cryptography.
This session focuses on how engineering, DevOps, and cloud teams can prepare now by building crypto‑agile infrastructure, enabling automated renewal and bulk‑replace workflows, and updating CI/CD pipelines to support rapid cryptographic change.
Past Webinar
ROI, risk and reputation: A CISO's guide to 200-day readiness while also preparing for the quantum threat
Bruno and Tim will break down how quantum‑safe design principles, automation, and crypto‑agility converge to prevent outages, eliminate operational bottlenecks, and future‑proof key infrastructures long before 200‑day lifespans trigger a crisis.
Our speakers will reveal how visibility, automation, and strong governance form the foundation of PQC readiness and why the time to act is now.
We recently attended the Gartner Risk and Security conference for 2026, where we observed a great deal of attention on not only AI but also post quantum cryptography (PQC). Join us as we share the key takeaways.
2024 saw a flurry of high profile incidents for public CA, which we named the Bugzilla Bloodbath. We look back to see how the WebPKI has changed as a consequence.
