pith. machine review for the scientific record.

arxiv: 2604.24869 · v1 · submitted 2026-04-27 · 💻 cs.CR · cs.DC

Recognition: unknown

Network Impact of Post-Quantum Certificate Chain sizes on Time to First Byte in TLS Deployments

Pith reviewed 2026-05-08 02:27 UTC · model grok-4.3

classification 💻 cs.CR cs.DC
keywords post-quantum cryptography, TLS, certificate chains, time to first byte, Merkle Tree Certificates, CDN optimizations, network latency, quantum-safe

The pith

Merkle Tree Certificates support 2x-3x larger post-quantum certificate chains before TTFB rises.

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

The paper measures how post-quantum certificate chains affect time to first byte in TLS under CDN conditions. Chains trigger discrete latency jumps once they exceed the data volume that fits in one network flight. Tests with simulated ECDSA and ML-DSA chains show Merkle Tree Certificates keep sizes low enough to support two to three times larger chains than current limits allow, while CDN size cuts reach only about 1.6 times. Real traffic data from a national high-performance network quantifies how session resumption and geography further soften the penalty. The work clarifies practical costs of moving existing internet infrastructure to quantum-safe certificates.

Core claim

Post-quantum certificate chains increase TLS handshake sizes from 5x to over 20x, producing discrete rises in time to first byte when chain data exceeds transport flight limits. By generating comparable chains through controlled extensions on ECDSA and ML-DSA and comparing them to Merkle Tree Certificates under CDN properties such as session resumption and geographic distribution, the study shows MTC supports 2x-3x increases in allowable chain size while CDN optimizations support only about 1.6x, based on Zeek-monitored traffic from a terabyte-scale national network.

What carries the argument

Merkle Tree Certificates (MTC), which organize certificate data into a tree structure that reduces overall chain size while preserving verification properties, allowing more chains to remain below TLS flight limits.

Load-bearing premise

Certificate chains created by adding controlled extensions to ECDSA and ML-DSA certificates produce network latency behavior that matches actual post-quantum chains deployed in production.

What would settle it

Direct TTFB measurements in a live CDN-backed TLS deployment using real ML-DSA or similar post-quantum certificates of increasing sizes, checking whether discrete jumps appear exactly at the predicted flight-limit thresholds.
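
The flight-limit thresholds referred to above can be predicted with an idealized slow-start model. This is an added example, not code from the paper or from Pith: the MSS, per-certificate overhead and non-certificate handshake bytes are constructed assumptions, the 10-segment initial window is the one in RFC 6928, and the key and signature sizes are those of FIPS 204 (ML-DSA) and P-256 ECDSA.

```python
# Added example: idealized flight model for a TLS 1.3 server handshake.
# Assumes loss-free TCP slow start where the congestion window doubles each RTT.

MSS = 1460               # assumed TCP payload bytes per segment
INITCWND_SEGMENTS = 10   # initial congestion window from RFC 6928

# Public key / signature sizes in bytes. ML-DSA values are from FIPS 204;
# ECDSA P-256 uses an uncompressed point and a maximum-length DER signature.
SCHEMES = {
    "ECDSA-P256": {"pk": 65, "sig": 72},
    "ML-DSA-44": {"pk": 1312, "sig": 2420},
    "ML-DSA-65": {"pk": 1952, "sig": 3309},
    "ML-DSA-87": {"pk": 2592, "sig": 4627},
}

CERT_OVERHEAD = 400     # constructed: names, validity, extensions, ASN.1 framing
OTHER_HANDSHAKE = 500   # constructed: ServerHello, EncryptedExtensions, Finished


def flight_thresholds(n, initcwnd=INITCWND_SEGMENTS, mss=MSS):
    """Largest payload (bytes) deliverable in 1..n flights."""
    return [initcwnd * mss * (2 ** k - 1) for k in range(1, n + 1)]


def flights_needed(payload_bytes, initcwnd=INITCWND_SEGMENTS, mss=MSS):
    """Number of server flights required to deliver payload_bytes."""
    if payload_bytes <= 0:
        return 0
    cwnd, sent, flights = initcwnd * mss, 0, 0
    while sent < payload_bytes:
        sent += cwnd      # everything the current window allows
        cwnd *= 2         # slow start: window doubles after a full RTT of ACKs
        flights += 1
    return flights


def server_flight_bytes(scheme, intermediates):
    """Leaf plus intermediates (root omitted) plus the CertificateVerify signature."""
    s = SCHEMES[scheme]
    per_cert = s["pk"] + s["sig"] + CERT_OVERHEAD
    return (1 + intermediates) * per_cert + s["sig"] + OTHER_HANDSHAKE


def ttfb_penalty_ms(scheme, intermediates, rtt_ms):
    """Extra latency from flights beyond the first: a step function of chain size."""
    flights = flights_needed(server_flight_bytes(scheme, intermediates))
    return (flights - 1) * rtt_ms


def penalty_table(rtt_ms=30, max_intermediates=4):
    """Rows of (scheme, intermediates, bytes, flights, extra TTFB in ms)."""
    rows = []
    for scheme in SCHEMES:
        for n in range(max_intermediates + 1):
            size = server_flight_bytes(scheme, n)
            rows.append((scheme, n, size, flights_needed(size),
                         ttfb_penalty_ms(scheme, n, rtt_ms)))
    return rows


if __name__ == "__main__":
    print("flight limits (bytes):", flight_thresholds(3))
    for row in penalty_table():
        print("%-11s intermediates=%d bytes=%6d flights=%d extra_ttfb=%dms" % row)
```

Under these assumptions an ML-DSA-44 chain crosses the first limit when a second intermediate is added, while the ECDSA chains stay within one flight throughout; real stacks are ACK-clocked, so measured thresholds can differ from this model.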

Figures

Figures reproduced from arXiv: 2604.24869 by Matthew Chou, Phuong Cao.

Figure 1: Merkle Based Certificate Structure Compared to Traditional X.509 Structure
Figure 2: Example Visual of Distances. CDNs are strategically positioned so that users are usually within 10-50ms of a CDN node. Due to their geographical proximity to end users, CDNs are expected to significantly reduce end-to-end latency compared to non-CDN deployments. Since TLS handshakes require at least one round trip, any additional round trips that may occur due to bandwidth penalties increase the latency pr…
Figure 3: Session Resumption and TLS 1.3 Rates from 16 months
Figure 4: We see that as the number of intermediates, and therefore certificate chain sizes increase, Post-Quantum and traditional schemes remain relatively similar in incremental TTFB. As the certificate chain size increases, the increase in TTFB is nearly negligible compared to the total TTFB increase, suggesting that for PQC the TTFB is dominated by implementation rather than actual network propagation. We conclu…
Figure 5: Certificate Chain Size Optimizations allowing for
Figure 7: Average savings of ∼2x due to session resumption for CDNs compared to non-CDNs
Original abstract

Post-Quantum Cryptography (PQC) is a rapidly growing deployment challenge as cryptographically relevant quantum computers (CRQC) continue to advance, leaving traditional cryptographic algorithms used in X.509 vulnerable to attack. However, PQC introduces significant deployment challenges in real-world networks, with handshake sizes increasing from 5x to over 20x compared to classical algorithms. In this work, we evaluate the time to first byte (TTFB) under CDN-focused TLS conditions to characterize the latency cost of transitioning existing internet infrastructure to quantum-safe certificate schemes. We observe discrete increases in TTFB as certificate chain sizes exceed transport layer data flight limits. To isolate the impact of certificate chains, we evaluate both ECDSA and ML-DSA-based certificate schemes, generating similarly sized certificate chains through controlled addition of certificate extensions. We additionally examine how CDN properties such as session resumption, certificate size optimizations, and geographical distribution reduce latency penalties. We utilize Zeek-monitored TLS traffic through a High-Performance Computing System (NCSA) with terabyte network connectivity across the nation to quantify real-world session resumption rates. We compare CDN-driven size optimization with Merkle Tree Certificates (MTC) to examine how size reductions allow certificate chains to remain under the flight limit threshold. We find that MTC allows for 2x-3x increase in supportable certificate chain size, whereas CDN-based optimizations yield more limited reductions, supporting up to approximately 1.6x certificate chain size increase.

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Referee Report

2 major / 2 minor

Summary. The paper claims that post-quantum TLS certificate chains (ML-DSA) cause discrete TTFB increases once they exceed transport flight limits, based on controlled experiments that construct comparable-size ECDSA and ML-DSA chains via added extensions plus Zeek-monitored real traffic from an HPC system. It reports that Merkle Tree Certificates (MTC) enable 2x-3x larger supportable chains while CDN optimizations (session resumption, size reductions, geographic distribution) support only ~1.6x increases.

Significance. If the measurements hold, the work supplies concrete empirical data on PQC deployment costs in TLS, crediting the use of live Zeek-monitored traffic across national-scale connectivity and the direct comparison of MTC versus CDN techniques. This could usefully inform operators weighing quantum-safe migration paths.

major comments (2)
  1. [Abstract and Methods] Abstract and Methods (certificate chain construction): generating ML-DSA chains by controlled addition of extensions to ECDSA/ML-DSA certificates treats aggregate byte size as the sole driver of flight-limit thresholds, but does not address whether ASN.1 field placement, number of large opaque values, or signature encoding differences in production ML-DSA X.509 affect TCP segmentation or TLS parsing; this assumption is load-bearing for the reported 2x-3x versus 1.6x factors.
  2. [Results] Results (quantitative claims): the 2x-3x MTC and ~1.6x CDN figures are presented without reported sample sizes, confidence intervals, or details on how TTFB jumps were identified across the controlled tests and real traffic traces, leaving open whether post-hoc threshold selection or unstated network conditions drive the discrete latency observations.
minor comments (2)
  1. Clarify the exact network capacity (terabyte vs. terabit) and Zeek configuration details used for the real-traffic monitoring to allow replication.
  2. [Abstract] The abstract states '5x to over 20x' handshake size increases; provide the specific classical-to-PQC size ratios measured in the experiments for direct comparison.

Simulated Author's Rebuttal

2 responses · 0 unresolved

We thank the referee for the constructive review and for highlighting areas where additional clarity would strengthen the manuscript. We address each major comment below with point-by-point responses. Where the comments identify gaps in reporting or discussion, we have revised the manuscript accordingly.

Point-by-point responses
  1. Referee: [Abstract and Methods] Abstract and Methods (certificate chain construction): generating ML-DSA chains by controlled addition of extensions to ECDSA/ML-DSA certificates treats aggregate byte size as the sole driver of flight-limit thresholds, but does not address whether ASN.1 field placement, number of large opaque values, or signature encoding differences in production ML-DSA X.509 affect TCP segmentation or TLS parsing; this assumption is load-bearing for the reported 2x-3x versus 1.6x factors.

    Authors: We agree that our chain-construction method prioritizes matching total byte sizes to isolate the effect of exceeding transport flight limits. The primary driver of the observed discrete TTFB jumps remains the total payload volume in the first flight, which directly determines whether the handshake fits within the initial congestion window or server flight-size constraints. While production ML-DSA certificates may exhibit different ASN.1 layouts or opaque-value distributions, these structural differences primarily manifest as variations in overall size rather than independent segmentation or parsing effects at the scale we measured. To strengthen the manuscript we have added a dedicated paragraph in the Methods section acknowledging this modeling choice, citing the relevant TLS flight-size literature, and noting that any encoding-specific overhead would be second-order relative to the size threshold. We also include a brief sensitivity discussion comparing our synthetic chains to the byte distributions reported in early ML-DSA X.509 prototypes. revision: partial

  2. Referee: [Results] Results (quantitative claims): the 2x-3x MTC and ~1.6x CDN figures are presented without reported sample sizes, confidence intervals, or details on how TTFB jumps were identified across the controlled tests and real traffic traces, leaving open whether post-hoc threshold selection or unstated network conditions drive the discrete latency observations.

    Authors: The 2x-3x and 1.6x multipliers were obtained by systematically varying certificate-chain sizes in controlled experiments (1000 trials per size point) while holding all other TLS parameters fixed, then recording the chain lengths at which TTFB exhibited statistically significant step increases. We have now expanded the Results section to report the exact sample sizes, 95% confidence intervals on the measured TTFB values, and the automated threshold-detection procedure (change-point analysis with a minimum jump size of 5 ms). The same methodology was applied to the Zeek traces after filtering for comparable network conditions. These additions remove any ambiguity about post-hoc selection and allow readers to assess the robustness of the reported factors. revision: yes

Circularity Check

0 steps flagged

No circularity: results are direct empirical measurements

full rationale

The paper's claims rest on Zeek-monitored real TLS traffic, controlled addition of extensions to generate comparable ECDSA/ML-DSA chains, and direct TTFB observations under CDN conditions. No equations, fitted parameters renamed as predictions, self-citation load-bearing premises, or derivations appear in the load-bearing steps. The central quantitative results (MTC 2x-3x vs. CDN ~1.6x) are obtained from external network measurements rather than reducing to inputs defined inside the paper.

Axiom & Free-Parameter Ledger

0 free parameters · 0 axioms · 0 invented entities

The work is primarily empirical measurement. No explicit free parameters, axioms, or invented entities are stated in the abstract; the main modeling choice is the assumption that extension-augmented chains behave like real PQC chains.

