when setLoggedInUser is used, surpress events when the site's notion of a logged in user is the same as that of browserid

purge all references to old persistent/remember me functionality - create local storage that keeps track of where you're logged in - wire up login/logout events to fire as appropriate on page load

* Add a meta tag for screen width.
* Add some CSS that mobile browsers will use to format correctly.

close #747

* Use [].slice instead of [].splice
* Set a charset in the sample RP.

made relay iframe live for the length of the page, and localized some variables. Should now work on ios 5. Fixes #442

remove CORS from repository.  In-repo example now properly forwards requests to verifier from server.  closes #245

include full origin (inc. scheme) in generated assertions.  To preserve compatibility, allow the rp to omit scheme in post data, and subsequent to verification, return whatever the rp sent us.  issue #82

verifier now accepts parameters over POST in addition to GET, use of the former is preferred and user identifiable data out of http logs.  closes #96

return the string encoded JWT to the client, don't wrap it in a magic object as it might guide developers into trusting something that is untrustworthy.  closes #33

simplify verifier a bit to make it simpler to use either off the same domain as browserid.org OR on its own domain.

in source urls are now all (interim == eyedee.me) live, the test harness subs in testing urls & hostnames

fix crypto-stubs.js to include embedded versions of prng and rng, also improve RP output and fiddle with the JSAPI a bit.  now an assertion is represented as an object where .jwt is the signed jwt blob, and convenience keys are populated from the blob

take a step back.  remove the server component from the RP, just use static resources and cross domain XHR.  the in-repo test RPs should be as simple as possible