RE: R2 features and documentation?

> 1) When I click on Submit to send out my request, among other things,
> EE prompts me for "exporting TO smart card". What is it trying export to the
> card? I was expecting that at this point EE calls PKCS11 to generate the key
> pair, reads the public key component out of the token and generates the cert
> request.
> Is the prompt actually supposed to be "export FROM smart cadr"?

Right now the virtual smart card is just a data store, the key is not
generated on the card. So the export to smart card function takes the key
that the EE generated and stores it onto the card.

> 2) If I make changes to my request during request generation, EE also
> prompts me for saving the changed certificate. If I say YES, every thing
> works. But if I say NO, key generation fails with error "key generation
> parameters are missing". If I exit the program, reenter and this time accept
> the prompt for saving the cert, every thing works.
We'll have to look into this ...

> 3) After the cert is issued, I cannot find a way to export the
> certificte. There is an export option but it's grey'd out. Is this because
> the feature is not implemented or am I missing something?
This feature is not yet implemented.

> Any chance of getting the answers to my previous questions regarding
> documentation and features in this drop?
Unfortunately, for the most part the code is the ultimate spec.
Each code drop to MIT does have a readme that does give a very brief description
of what is in the drop. The code that is on the MIT web site now supports
requesting
certificates with various extensions (basic constraints and key usage). The
freeware
relies on the Cylink toolkit for crypto, so the only signature algorithm that is
supported is DSA, SHA-1 for hashing, and triple des for symmetric crypto.

A new snapshot should be released soon, this release adds revocation requests,
CRL generation, and CRL/Certificate LDAP posting. (There is probably more that
I am forgotten).

                              Mike