Compliance Timeline
All PQC compliance milestones across active mandates, sorted chronologically.
27 milestones
2023
Agency cryptographic inventory submission to CISA and NSA
2024
Cryptographic agility requirements in new procurements
Agency PQC migration plans submitted
EU Member States transpose NIS2 into national law
Critical infrastructure sectors: complete PQC readiness assessment
2025
Software & Firmware: Begin PQC adoption
PQC algorithms added to CRYPTREC Recommended Ciphers List
Essential entities: complete cryptographic risk assessment
ML-KEM in TLS 1.3 RFC published
ML-DSA and SLH-DSA X.509 certificate RFCs published
Begin cryptographic inventory and PQC readiness assessment
Critical information infrastructure: complete cryptographic inventory
2026
Networking Equipment: Begin PQC adoption
Federal IT systems: complete PQC readiness assessment
Organisations begin hybrid PQC adoption in sensitive systems
Australian government agencies: complete PQC readiness assessment
Essential entities: implement cryptographic agility controls
Critical infrastructure: begin PQC migration in highest-risk systems
Government agencies: begin PQC migration planning
Hybrid PQC profiles incorporated into ETSI e-signature standards
2027
New federal procurements must support hybrid PQC
New government procurements: require cryptographic agility
Government systems: begin PQC migration planning
Implement cryptographic agility in new and updated systems
2030
Classical algorithms deprecated for federal use
2033
All NSS: Full CNSA 2.0 compliance
2035
Classical algorithms disallowed in federal systems
Legend
Hard deadlineAdvisory / softPast milestone (dimmed)