WebPKI Observatory — Cryptographic Posture
Root certificate cryptographic posture data is not included in the current digest, preventing analysis of algorithm distribution, key size compliance, or readiness for post-quantum transition. This gap represents a critical blind spot in ecosystem risk assessment, as aging roots with 1024-bit RSA keys or SHA-1 signatures may still anchor trust chains despite known weaknesses. Without visibility into root algorithm distribution, the community cannot measure progress toward modern cryptographic standards or identify CAs that pose algorithm-related risk.