Accepted, but please adjust your Test Plan to actually test the previous missing *functionality* of opencryptoki+EP11+Dilithium from a user's perspective. This means something like "verify that a user can use their token to authenticate against X" rather than "verify that the library supports X".
Just checking that it's detected and _might_ work is insufficient, IMHO. Because if it turns out that a further patch is needed to make it actually work for users, we shouldn't be pushing updates multiple times to unaffected users because we didn't test the stack all the way through.
Accepted, but please adjust your Test Plan to actually test the previous missing *functionality* of opencryptoki+ EP11+Dilithium from a user's perspective. This means something like "verify that a user can use their token to authenticate against X" rather than "verify that the library supports X".
Just checking that it's detected and _might_ work is insufficient, IMHO. Because if it turns out that a further patch is needed to make it actually work for users, we shouldn't be pushing updates multiple times to unaffected users because we didn't test the stack all the way through.