I wonder if I can request following features

1) compact graphic utility which displays time left on token, preferably 
in toolbars or docks.

2) edits of tokenwatch so that it issues a visible alert, like flashing 
background screen, that the token is about to expire, and spawn a 
command like

xterm -e klog

so that the user is given the opportunity to type in the password.

3) If the token does expire, I would like the program like thunderbird 
killed. A script like

#!/bin/csh

foreach  i (  `ps -u aki | grep thunderbird | awk '{print $1}' `)
kill -9  $i;  end

works for me, but it is clearly user dependent because of the use of ps 
-u USERNAME.

This too, if made part of tokenwatch, would be great.

Generally, if tokenwatch can be modified to provide access point, i.e. 
call to some user customizable shell scripts, which runs at something 
like 5-min prior to, and at the expiration of tokens, would be useful as 
needs and issues evolve, at least as far as I am concerned.

A different possible solution Sridhara suggested was to try to make 
thunderbird's cache area not requiring tokens for access (which I 
presume can be done using fs command?) I would like to explore that too 
as this is better than the hack I am suggesting above.

Generally, even without these hacks,  I can manage, as I have written 
several scripts for quickly killing processes and deleting lockfiles. 
But since the goal is to provide stable platform for average users, who 
shouldn't have to look under the hood at the level of PID's and 
dotfiles, can I ask that setting up of a stable desktop environment for 
reasonable range of user habits, including not always closing mail 
reading program, be a priority consideration especially when 
contemplating upgrading default supported OS, and to be in a lookout for 
alternative mail reading program where this AFS issue will not pose a 
problem?

-aki