Hugues de Valon

Hello! Sorry for the long time without answer! `C_Finalize` is called when then `Pkcs11` instance is dropped. We could potentially add a new constructor which builds an instance that does...

> as it can seriously disrupt concurrent token access (or force applications to keep the Pkcs11 structure in a global indefinitely simply to avoid issues) What do you mean? By...

Thanks for showing some use cases where this would be a problem! Now I understand better that our "finalize-on-drop" approach might not be ideal by default. I suggest then that...

> Or maybe something like that is simply shown as a coding example, I am not totally sure, so perhaps do nothing and just document that some function can return...

All in all I suggest the following changes to be implemented: * remove finalizing on `Drop` for the Pkcs11 structure * fill the `finalize` method with the actual call *...

> I think safety is more important than the 1-1 mapping. Agree! Trust you with making the right choices here, since you are from all of us the one knowing...

I see where you are coming with the difference between an error executing the function and a wrong signature with a perfectly functioning function. I think we are an abstraction...

Thanks for the suggestion! Seems that the consensus was to stay with the `Result` for now. I think we can close it and re-open if this comes again as a...

Feel free to ping us when you want us to review this again!

Do we see any other operations that would also modify the input `Mechanism`? Agree that it would be cumbersome to have to change the whole `Mechanism` lifetime + bounds only...