I think that'll only happen when and if the corresponding drop in sales offsets increases in revenue from the subscription services owners will be forced to use. When they announced this originally for EVs it was clear the underlying motivation was to convert owners from a one-time source of income into an ongoing stream by forcing them into a subscription model for features they would get from CarPlay/Android Auto.
The smaller switches like the Arista 710P are meant for deployment out at the edge of the network where you want something small and quiet (e.g. at people’s desks or in conference rooms) to provide more ports without needing as many runs back to the network core where the big loud switches live. They’re still enterpise grade since they support enterprise features like centralized management, VLANs, QoS, IGMP snooping, etc.
This reminds me of how Sarah at the Connections Museum in Seattle wrote a driver to allow an Asterisk soft PBX on a Linux box to speak revertive pulse signaling to the pre-DTMF trunks on their old telephone switches
Many operators do configure the SIP signaling for VoLTE to use an IPsec transport terminated at the P-CSCF, but most (if not all) of them only configure IPsec to provide integrity protection.
That seems like a mistake, since PQAs are an objective downgrade from ECC in everything except for immunity to Shor’s algorithm. It is not clear that machines with the tens of millions of qubits needed to run Shor’s algorithm will be constructed since there is no quantum moore’s law that gives us a clear roadmap to making them. If they never are made, then all of these PQAs will have been a waste and we will have missed opportunities for improvements from improved curves. For example, the failure to deploy EdDSA certificates in PKI has been a missed opoortunity. I hope the industry reverses course and deploys them, since they are a clear improvement over the current ECDSA certificates.
I can see using hybrid PQAs for key agreement as a hedge against quantum machines actually being constructed, but with the upcoming 47 day certificates, there really is no need to avoid EdDSA. If we come anywhere near constructing a quantum computer that can crack the public keys, the industry could pivot to ML-DSA with the older EdDSA certificates expiring before there is any risk of them being cracked.
If we assume cryptographically-relevant quantum computers will one day exist, you don't just need to worry about certs being cracked before they expire, but also the ECDH-established session keys being cracked. These keys are ephemeral, but if you store the ciphertexts long-term, you can crack them at any point in the future (aka https://en.wikipedia.org/wiki/Harvest_now,_decrypt_later).
Perfect forward secrecy means harvest now, decrypt later does not apply to signature algorithms when ephemeral keys are used and TLSv1.3 mandates ephemeral keys. If the ephemeral keys are cracked, that would be the fault of the key agreement algorithm, not the signature algorithm.
> If we assume cryptographically-relevant quantum computers will one day exist
One day could be 10,000 years in the future, so what meaning is there to such an assumption? You need to assume much more than that such machines will be constructed one day to suggest that there is a need for action. The industry is switching to hybrid key agreement algorithms out of an abundance of caution that it is not just one day that such a machine will be made, but one day in our lifetimes. It is not certain that will actually happen, but if it does, having adopted hybrid key exchange algorithms years in advance is enough. There is no need to switch signature algorithms from ECC until the creation of such a machine is imminent. Thus it is fine to proceed with EdDSA adoption in PKI.
The pivot is occurring on both key agreement and signatures. Hybrid schemes currently only exist for key agreement. Perfect forward secrecy means that as long as the key agreement schemes are secure against Shor’s algorithm, we can afford to do a much more leisurely roll out of PKI with PQ signing algorithms. Whether people will opt for “hybrid” signatures is yet to be seen.
