When hovering over email addresses in the pick email, change the cursor to a pointer - unless there is only one address.

close #356.

Updating all controllers that use it.  Cleaning things up, making it prettier.  Good to go.

Adding email validation/verification.  Adding error messages of email or password fields are not correct.

Hiding all tooltips by default.

Automating the addition of the CSRF token to POST requests.

Testing for CSRF tokens in POST requests in the unit tests.

Fixing up the unit tests for the new context info.  Fixing the checkAuth call which was calling the callback twice.

subsequent to setting a password, hide the password form on the verify_email_address landing page.  closes #347

Conflicts:
	browserid/static/dialog/resources/browserid-identities.js
	browserid/static/dialog/resources/browserid-network.js
	browserid/static/dialog/test/qunit/browserid-network_test.js
	browserid/views/developers.ejs

Simplify user account creation/email addition, only generate the keys whenever the assertion is asked for.

fix confusion in browserid-network.  when auth status is non-boolean it means it requires a fetch, otherwise we expect it to represent authentication status of the session

Hopefully this minimizes the amount of delay the user notices.

When an identity's key or cert is invalidated, we no longer remove it from storage but instead remove its public key, private, and cert.  Adding invalidateEmail to storage, but may move this to identities as it seems like too much info for storage.  Updating the controllers to call syncEmails instead of syncEmailKeypairs.

First step in on-demand cert generation.  We no longer generate certs when syncing, but only when the identity is requested or when generated.

Adding a new function/test called syncEmail, renaming syncEmailKeypairs to syncEmails to better reflect its purpose.