How’s My SSL? can now detect if an HTTPS client supports post-quantum key agreement. You can find a description of post-quantum key agreement and its purpose on the Post-Quantum Key Agreement section on the about page.

While the top-level client ranking is currently unchanged, the Post-Quantum Key Agreement section on the main page of https://www.howsmyssl.com will show a small Improvable button to clients lacking support for post-quantum key agreement.

The /a/check API now has two new fields:

• post_quantum_key_agreement - a boolean reporting whether the TLS client supports one of the named groups that provide post-quantum key agreement
• given_named_groups - a list of strings describing which named group IDs (formerly called curve IDs in TLS 1.2) were included in the client hello

We plan to change the ranking of clients that don’t support cipher suites with post-quantum key agreement, but that’ll be discussed in a follow-up.

This has also been posted on the howsmyssl-upkeep mailing list.