Organisations are discovering unexpected challenges as they move from crypto inventory → CBOM → PKI/KMS upgrades → pilot deployments.
Some blockers are technical (protocol gaps, dependency chains), others organisational (ownership, governance), and many are vendor-related.
What have you run into - or what do you expect to run into - during your PQC migration planning or pilots?
Any insights, surprises, or lessons learned are welcome.