Unquantified possibility, based on "throw enough money a the problem and get lucky" which in my books, is nothing like as probable as people think.<p>Still, NIST moved. They did this for 20+ year secrecy requirements. IETF has moved. People are shifting the basis of encryption.<p>Some of it is just stupid. the DNS does not need secrecy, it needs verifiability and if they roll keys more frequently, they can stay in the current technology for a lot longer.<p>I am concerned about the longterm impacts of this shift. A lot of infra has been built out on the belief the current methods are "it" and not all of them are field upgradable quickly.<p>Think about how badly US fintech at the shop front moved off signature methods, against 2nd adopter advantage in the rest of the world, and now imagine that every economy worldwide is trying to replace the Point-of-Sale card reader tech simultaneously to meet a deadline.