fix crypto-stubs.js to include embedded versions of prng and rng, also improve RP output and fiddle with the JSAPI a bit.  now an assertion is represented as an object where .jwt is the signed jwt blob, and convenience keys are populated from the blob

Conflicts:
	authority/static/dialog/crypto-stubs.js

take a step back.  remove the server component from the RP, just use static resources and cross domain XHR.  the in-repo test RPs should be as simple as possible

clean up webfinger support in authority: use mustache for templating cause it's hot, include Subject tag, support & expect acct: prefix

fix set_key wsapi on authority, now properly associates a NEW key with an EXISTING email address owned by the currently authenticated user

implement 'identity sync' which basically triggers client re-keying of identities that the server knows about but the client doesn't.  Also invalidates ids that the user has removed (probably on another device).  Also this is the proper place for revocation and key refresh to occur.  one transaction + one per key reset (though that could be consolidated)