Policy

When loading applet to card, you have to pass it "card policy". It's used for card initialization at install time and can't be changed later (for both technical and security reasons). Not giving a policy results in a "basic" OpenPGP card: no extra features!

In the policy, you define:

• how many ENC keys to keep (might be limited by EEPROM capacity)
• transfer buffer size (in bytes)
• if AUTH key should be used for RFID auth or not (if not, a different key with its independent PIN have to be generated) -- only applicable to RF-capable cards
• if signature requires both PIN and button press (requires HW support for the button)

A flag preventing re-export seems quite useless, since the user could always "certify" a SW store that doesn't enforce it. Better use a throwaway CA that only certifies 'N' devices then deletes its private key.

Note that the CA public key is loaded only after initialization: you just have to define a buffer big enough to contain it (minimum is 400 bytes for 2048 bit RSA key -- no shorter keys allowed). This way users could buy prepared cards from a trusted third party and just load their personal CA key. Key export will be possible only after a CA pubkey have been stored, but loading a CA pubkey is only possible if there are no other keys on-card. So you first load the CA pubkey, then import/generate your keys.