updated to new version of client-sessions, renamed, and re-added connect-cookie-session for example primary

changed session over to benadida's node-cookie-session with encryption and signing of the cookie, closes #416, closes #832

implement a 'maximum request time' for bcrypt work.  server now fails more gracefully under backbreaking load, returning 503s to clients of the authenticate_user api.  update loadgen to be less dramatic about, but still display, 503 errors.  first part of issue #787 - a partial fix for #785 in dere too

update to jwcrypto 0.1.1 - now the verifier supports 'new style' assertions which are JWS structures separated by tildes and don't double base64 encode.  assertion size down 33%.  we still generate only old style assertions.  issue #507

move to a manual tarball of statsd, as github dynamic tgz gen seems broken, prevents npm install from working

upgrade to a branch of statsd that lazily closes ephemeral UDP ports, so that we're not allocating one UDP socket per request when under load.  closes #680

fix regression in keysigner - ensure non-default VAR_PATH is relayed to compute processes - issue #213

improve node.js version checking.  eliminate DRY violation, and use semver for robust version specification and matching.  nice yak, eh?

express our dependency on nodejs >= 0.6.3 in package.json and in code.  (note: I'm not sure package.json actually does anything useful, but it's a good place to document it)c

store public key on disk as a certificate which has embedded creation time.  use that as the value returned in /wsapi/session_context as domain_key_creation_time - now you can update keys at any time and outstanding client certs are expired automatically - closes #599

update jwcrypto, now issued_at is part of certificate.  in frontend code compare server time, issued_at, and domain_key_creation_time to determine if a cert has expired.  (previously, clock skew could cause certs to be regened every single time.  hawt.) issue #599

repairing load_gen - issue #504 - update pathing, alter fake_verification WSAPI to query the database rather than to use email interception (which no longer works)

Revert hotfix to #540 in beta, as it introduced issue #548.  The fix to the former does not address a regression.  The latter is a regression.

Revert "changelog note re issue #540"
Revert "upgrade mysql driver which fixes unhandled exception upon driver reconnect.  closes #540"

This reverts commit bf3d3ed3.
This reverts commit 844d7992.

implement graceful process shutdown, and clear logging as to the reason why processes are terminating.  include winston handling of uncaught exceptions.  this all goes into a library that all of our processes use.  closes #529