Post-Quantum Migration Runbook
Execution checklist for policy-driven post-quantum rollout with measurable safety gates and rollback discipline.
Citation-ready summary
- PQ migration rollout should proceed through inventory, pilot, canary, and broad rollout stages.
- Axis control-plane approvals and rollout receipts define stage transitions and accountability.
- Aegis enforcement telemetry is required evidence before promoting migration scope.
TL;DR for security leaders
Approve each stage with explicit blast-radius limits and rollback criteria. Do not accept promotion without a receipt-backed evidence review.
TL;DR for engineers
Automate preflight checks, policy application, and telemetry collection so every promotion can be repeated or reversed consistently.
Runbook steps
- Inventory all cryptographic touchpoints and owners.
- Define migration policy in Axis by environment and workload cohort.
- Execute pilot in low-risk cohort through Aegis enforcement.
- Capture rollout receipts and telemetry deltas.
- Run canary expansion, then promote to broad rollout if safe.
- Keep rollback policy warm until post-rollout stability window closes.
Vocabulary reference: glossary.
Pilot stage
The pilot stage should target the smallest cohort that still exercises the real protocol and policy path. Exit only after operators confirm telemetry quality, compatibility behavior, and receipt capture.
Canary stage
The canary stage expands blast radius in a controlled way. Promote only when the delta between baseline and canary remains within the thresholds defined during migration planning.
Rollback stage
Rollback remains a first-class stage, not a footnote. Keep fallback policy, owner approval paths, and evidence capture active until the post-rollout observation window closes.
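The canary promotion gate and rollback criteria described above, as an added example that is not part of the runbook or of Axis/Aegis: the thresholds, metric names and the `StageEvidence` shape are constructed assumptions, and the evaluator only decides from telemetry deltas and receipt evidence, which is what the stage gate requires.

```python
from dataclasses import dataclass, field

# Hypothetical per-metric thresholds (constructed for this example): the largest
# worsening of canary relative to baseline that still allows promotion.
THRESHOLDS = {
    "handshake_failure_rate": 0.005,     # absolute increase in failure rate
    "p95_handshake_ms": 40.0,            # absolute increase in p95 latency
    "fallback_to_classical_rate": 0.02,  # absolute increase in classical fallback
}


@dataclass
class StageEvidence:
    """Evidence bundle reviewed at a stage gate (constructed shape)."""
    stage: str
    baseline: dict                 # metric name -> value before the policy change
    canary: dict                   # metric name -> value in the canary cohort
    receipt_ids: list = field(default_factory=list)  # rollout receipts captured
    rollback_policy_warm: bool = False               # fallback policy still applicable


def metric_deltas(baseline: dict, canary: dict) -> dict:
    """Canary minus baseline for every gated metric; positive means worse."""
    return {k: canary[k] - baseline[k] for k in THRESHOLDS}


def evaluate_promotion(ev: StageEvidence) -> tuple:
    """Return (decision, reasons): PROMOTE, HOLD (evidence gap) or ROLLBACK (threshold breach)."""
    missing = [k for k in THRESHOLDS if k not in ev.baseline or k not in ev.canary]
    if missing:
        # Without comparable telemetry no delta can be judged, so the gate holds.
        return "HOLD", [f"missing telemetry for {k}" for k in missing]

    breaches = {k: d for k, d in metric_deltas(ev.baseline, ev.canary).items()
                if d > THRESHOLDS[k]}
    if breaches:
        # A breached threshold is a rollback criterion, regardless of other evidence.
        return "ROLLBACK", [f"{k} delta {d:+.4f} exceeds {THRESHOLDS[k]}"
                            for k, d in breaches.items()]

    reasons = []
    if not ev.receipt_ids:
        reasons.append("no rollout receipt captured for this stage")
    if not ev.rollback_policy_warm:
        reasons.append("rollback policy is not warm")
    if reasons:
        return "HOLD", reasons  # within thresholds, but not receipt-backed yet
    return "PROMOTE", []
```

Running the evaluator on each stage's evidence bundle, and recording its reasons alongside the rollout receipts, gives the repeatable promotion record the engineer TL;DR asks for.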
Control-plane policy lifecycle
The lifecycle diagram is used during rollout planning to verify stage ownership, threshold definitions, and rollback readiness before policy promotion.
Periodic standards review cadence
- Monthly: review standards updates and document relevance to active rollout stages.
- Quarterly: reassess migration thresholds, fallback policy, and operator runbooks.
- Event-triggered: run immediate review after major standards changes, ecosystem interoperability incidents, or critical cryptographic disclosures.
Terminology alignment
Use glossary definitions for Aegis, Axis, control plane, enforcement plane, rollout receipts, and PQ migration.