PATTERN Cited by 1 source
Supply-chain pressure for adoption¶
Pattern¶
Use procurement requirements from a dominant buyer to force technology adoption across an entire vendor ecosystem. The resulting products then cascade to all customers, not just the mandating buyer.
Mechanism¶
- Large buyer (government, dominant enterprise) sets a compliance deadline for technology X in procurement contracts.
- Vendors must build X-capable products or lose the contract.
- Vendor doesn't maintain a separate product line โ X-capable becomes the default for all customers.
- Adoption reaches organizations that would never have migrated independently.
PQC instance¶
EO 14409 sets contractor PQC compliance to Dec 2030 โ one year before the federal agency authentication deadline (Dec 2031). This ensures the supply chain is ready before the buyer needs it.
CISA's "widely available" / "transitioning" product classification tells agencies which categories they can demand PQC in today (cloud, browsers, chat/messaging, endpoint security) vs. later (routers, HSMs, identity providers, databases).
Historical instances¶
| Standard | Buyer | Cascade effect |
|---|---|---|
| IPv6 | U.S. federal agencies | Router/OS vendors shipped IPv6 support; enabled for all |
| RPKI | U.S./EU network operators | BGP validation deployed broadly |
| DNSSEC | U.S. federal .gov | Resolvers and registrars added support |
| TLS 1.3 | Browser vendors (Chrome, Firefox) | Servers upgraded; all users benefit |
| PQC (2026) | U.S. federal procurement | Vendor products PQ-capable for all customers |
Seen in¶
- sources/2026-06-23-cloudflare-post-quantum-eo-milestone โ EO contractor mandate as forcing function for PQC ecosystem readiness