V3 Extensions

Hi,

I am building an application where I have a CA which hands out
certificates to clients.  Besides signing the public key, I need to add
extensions which grant restricted access to clients when they use the
certificates.  I looked over the bunch of available extensions, but
nothing matches my requirement.  I am using the IAIK package which is
very very similar to the JCE.  I have 3 questions :

* Is there some sample code somewhere which shows how to use the
extensions?  I can't seem to get a hang of them.

* If I do extend the V3Extension class with a new class say
MyExtensions, and then add this extension as non-critical to the issued
certificate, will this extension ever be used during the automated setup
of the SSL connection.  I mean that does the JCE or JSSE actually care
about newly added non-critical extensions?  I already have my own
TrustManager during SSL setup and hence I can act on the Extensions just
fine.

* Say I created a certificate and added a private extension
(MyExtension).  Now I want to transfer this over the network and hence I
call
cert.writeTo(socket.getOutputStream());

On the receiver side i will call

temp_cert = new iaik.x509.X509Certificate (
ssl_socket.getInputStream());

Now is this new certificate going to have the correct extensions which i
added?

I appreciate pointers on these topics.

Priyank