Source: Filippo
Filippo Valsorda's shift from measured technical caution to declaring "unacceptable risk" is rare—infrastructure experts don't shed hedging language without cause. Google's disclosure that harvest-now-decrypt-later attacks pose immediate damage to long-lived secrets like state keys and identity certificates has compressed what was a 10-15 year migration window into an emergency enterprises can't defer through standard IT planning cycles. The stakes are concrete: authentication systems, encrypted archives, and supply chain integrity. Post-quantum cryptography standards exist but require immediate deployment coordination across browsers, certificate authorities, and hardware infrastructure. Valsorda's call is less technical opinion than market signal that the migration tax is now unavoidable.