Google’s move toward Merkle certificates signals a new trust model

Google’s initiative around Merkle Tree Certificates (MTCs) signals not just a technical upgrade, but a rethink of digital trust.

Post-quantum cryptography (PQC) is not only about new algorithms - it’s a scaling challenge. Traditional X.509 certificates aren’t suited for large post-quantum signatures, leading to performance, latency, and bandwidth issues. This requires architectural change, not just algorithm replacement.

MTCs introduce a different model: instead of certificate chains, they use compact inclusion proofs from a Merkle tree. This reduces overhead and changes how trust is verified, making it more scalable.

Going forward, security and performance must be designed together. During the transition, hybrid certificates will be used, but they add complexity and risk.

The key requirement is crypto-agility - the ability of systems to adapt to new algorithms, certificate formats, and validation models.

In short, PQC is an architectural transformation. Organizations must not only upgrade cryptography but also redesign trust infrastructure.