Add reference to PQ signatures and link out to blog

Author: RebeccaTamachiro

src/content/docs/ssl/post-quantum-cryptography/index.mdx

@@ -26,12 +26,14 @@ Before TLS can protect your communications, three cryptographic algorithms have
 - **Key agreement:** A cryptographic protocol that allows client and server to safely agree on a shared key (such as `ECDH`).
 - **Signature algorithms:** Cryptographic algorithms used to generate the digital signatures in TLS certificates (such as `RSA` and `ECDSA`).
 
-As explained in our [blog post](https://blog.cloudflare.com/pq-2024/#two-migrations), it is urgent to migrate key agreement to post-quantum algorithms as soon as possible. The objective is to protect against an adversary capable of harvesting today's encrypted communications and storing it until some time in the future when they can gain access to a sufficiently powerful quantum computer to decrypt it.
+As explained in our [blog post](https://blog.cloudflare.com/pq-2024/#two-migrations), symmetric ciphers are already post-quantum secure, which means there are two migrations left to occur.
 
 ### Hybrid key agreement
 
 With TLS 1.3, [X25519](https://en.wikipedia.org/wiki/Curve25519) - an Elliptic Curve Diffie-Hellman (ECDH) protocol - is the most commonly used algorithm in key agreement. However, its security can be easily broken by quantum computers using [Shor's algorithm](https://en.wikipedia.org/wiki/Shor%27s_algorithm).
 
+It is urgent to migrate key agreement to post-quantum algorithms as soon as possible. The objective is to protect against an adversary capable of harvesting today's encrypted communications and storing it until some time in the future when they can gain access to a sufficiently powerful quantum computer to decrypt it.
+
 In response to this, Cloudflare is an early adopter of ML-KEM, the post-quantum key agreement selected by the US National Institute of Standards and Technology (NIST). For a detailed timeline and more background information refer to [The state of the post-quantum Internet](https://blog.cloudflare.com/pq-2024/).
 
 Cloudflare has deployed the following hybrid key agreements:
@@ -43,6 +45,12 @@ Cloudflare has deployed the following hybrid key agreements:
 
 A hybrid key agreement lays the groundwork as more and more [clients](#1-visitor-to-cloudflare) adopt post-quantum cryptography, while also maintaining the current security provided by X25519. It is a safer path in case of an unexpected breakthrough that renders all variants of ML-KEM insecure.
 
+### Post-quantum signatures
+
+The migration to post-quantum signatures is less urgent and more involved. Cloudflare is closely following the developments of new standards, testing their performance, and working together with browsers to understand user impact.
+
+For details refer to [A look at the latest post-quantum signature standardization candidates](https://blog.cloudflare.com/another-look-at-pq-signatures/).
+
 ## Three connections in the life of a request
 
 ```mermaid

src/content/docs/ssl/post-quantum-cryptography/pqc-support.mdx

@@ -7,7 +7,7 @@ head: []
 description: Consider information about post-quantum cryptography at Cloudflare - deployed key agreements and software support.
 ---
 
-Cloudflare's deployment of post-quantum hybrid key agreements is supported by different software as listed below.
+Cloudflare's deployment of post-quantum [hybrid key agreements](/ssl/post-quantum-cryptography/#hybrid-key-agreement) is supported by different software as listed below.
 
 ## X25519MLKEM768
 - Default for [Firefox 132+](https://www.mozilla.org/firefox/channel/desktop/) (Beta)