2 - Implement CRL and OCSP parts of x509
3 - Implement permissions grant based on certificates
6 - manage upgrade packages
7 - use key facilities of kernel
8 - remove the link to the icon on failure or create it lately
9 - improves safety on power failure