VERIK
Editorial · Agentic AI Governance
VERIK / V028 / 20 JUN 2026
Operating in the FogGovernance

The Certifier That Moved Upstream

On June 16, 2026, at the France Quantum conference at Station F in Paris, the chief of staff of France's national cybersecurity agency stood in front of the French quantum ecosystem and said the agency would stop certifying security products without post-quantum cryptography starting in 2027. Reuters was in the room. The 2027 date was already written down. Saying it publicly is what changed.

The agency in question is ANSSI. Its certification, known in French regulatory terminology as qualification, is a prerequisite for use across French government agencies and operators of vital importance. Losing certification eligibility amounts to losing access to one of Europe's largest government technology markets. What the announcement does is convert a multi-year transition plan into a procurement-gate signal that vendors can no longer treat as advisory.

What ANSSI Said That Was Not New

The transition has been on the public record since 2022. ANSSI's first post-quantum position paper arrived that year. A late-2023 follow-up stated the agency would stop delivering security labels for certain types of products claiming long-term security without post-quantum protection. ANSSI's own FAQ page confirmed it was targeting post-quantum obligations for qualification starting in 2027. The date has not moved.

What was new on June 16 was that Samih Souissi, ANSSI's chief of staff, said it publicly at a conference with Reuters reporting. The transition stopped being a position paper and started being a market commitment. The framing was explicit. Souissi: "It is not only a technical issue. It is a matter of governance, industrial planning, regulation, and sovereignty."

What ANSSI Actually Requires

The detail that matters for the governance reading is that ANSSI's requirement is not a substitution. It is a composition. Per the PostQuantum.com analysis of ANSSI's published guidance, the agency strongly recommends hybrid mechanisms that combine classical and post-quantum algorithms for any product offering protection beyond 2030. Supporting ML-KEM or ML-DSA in isolation will not satisfy ANSSI certification. Products will need hybrid implementations that pair post-quantum algorithms with established classical cryptography.

ANSSI extends the hybrid requirement to signatures. The reasoning is that post-quantum signature schemes are newer and less battle-tested than their key-establishment counterparts. A vendor shipping a product with only ML-DSA, with no classical signature retained in composition, does not meet the qualification bar. The classical layer is the audit trail of decades of cryptanalysis. The post-quantum layer is the protection against future quantum capability. ANSSI is requiring both because either alone would represent a single-point-of-failure assumption that the agency is unwilling to certify.

The phased timeline is similarly explicit. 2027 marks the end of new certifications for products without a post-quantum component. Existing certifications remain valid until expiry, but renewal is conditional on post-quantum conformance. 2030 is the procurement horizon. Souissi's call to businesses was that by 2030 they should be purchasing only quantum-safe products.

What Composes With This

The day after the announcement, the US Federal Register published GSA's proposed clause 552.239-7001 on June 17, 2026, the first comprehensive federal procurement instrument for large language model AI services. The same week, two Five-Eyes-adjacent regulators moved on two different technology layers (cryptographic primitives in France, language-model services in the United States), through the same governance instrument (procurement and certification), with the same effect (binding the vendor before the model card is even written).

The mechanisms differ at the level the agencies operate. CNSA 2.0, the US National Security System equivalent for cryptography that takes effect on January 1, 2027, operates through procurement eligibility, NIAP validation, and the Risk Management Framework. ANSSI operates through qualification and certification. Both are converging on the same effective date and the same effective lever. Neither relies on statute that would have to clear a legislature. Both rely on the certifier holding the gate.

The argument V020 made about the patching cycle (the policy artifact lagging the function it was supposed to instrument) reverses direction here. ANSSI is committing publicly to a deadline ahead of broad vendor readiness. The interesting question is whether the certification scheme itself is ready. ANSSI's qualification regime now has to test hybrid implementations at scale, across product categories, in the window between today and 2027.

The argument V027 made about the evaluation substrate generalizes. The UK AI safety institute named the evaluation substrate as a governance object. ANSSI is naming the cryptographic substrate as a procurement object. Same shape: the certifier moves upstream of the artifact. The model card and the audit report are downstream of a substrate someone has to certify.

The argument V026 made about the four-property procurement instrument (identity, privacy, settlement, attestation) gains an explicit historical analogue. Cryptographic qualification has been a four-property instrument for decades (algorithm correctness, parameter sufficiency, side-channel posture, key management). ANSSI is now requiring those four properties to be evaluated against a fifth: post-quantum composition. A procurement instrument with one additional named property.

Where the Solution-Layer Shape Sits

Three operational questions become writable now that the announcement is on the public record.

First, the certification scheme has to define what counts as a valid hybrid composition. ML-KEM combined with X25519 is one shape. ML-KEM combined with P-256 is another. ML-DSA combined with Ed25519 is another. The combinatorics are not trivial. ANSSI will have to issue technical references that vendors can point at, and the scheme references will themselves become procurement objects.

Second, the renewal path for existing certifications becomes the operational instrument that determines transition velocity. Existing certifications remain valid until expiry. Vendors with multi-year certifications have a window before renewal forces the hybrid composition. The vendors whose certifications expire in 2027 face the hardest deadline. The vendors whose certifications expire in 2029 face a different one. ANSSI's docket of renewal dates is now a forward-looking signal of which product categories transition first.

Third, the mutual recognition question becomes urgent. ANSSI certifications interact with the EU Common Criteria scheme (EUCC) and with the broader Common Criteria Recognition Arrangement. A French certification that requires hybrid composition does not automatically translate into a US or Five-Eyes recognition unless the recognizing scheme adopts the same requirement. The convergence question is whether NIAP, BSI, and the EUCC scheme follow ANSSI's hybrid mandate or diverge from it. If they diverge, the vendor ships two products. If they converge, the procurement instrument becomes multilateral.

What Remains on the Table

The policy instruments and the deployment tempo are not aligned. A national cybersecurity agency has committed publicly to a 2027 certification cutoff that requires hybrid post-quantum composition, two days before a federal procurement clause in the United States proposed binding language-model providers through the same instrument. Whether the next two years produce a certification regime that holds against the deadline, or a deadline that quietly slips against the regime, is the question that determines whether the procurement layer becomes the governance surface or the next artifact that lags.