upgrade to jwcrypto 0.4.2 which fixes windows and properly installs bigint into envs where it is supported

Relocating the MDN docs to be under "Persona"

Tests pass, clicking links open to new pages.

This gets a big r+ from me!

close #2125

KPI renaming

Use xgettext on the new location for email templates

Allow long RP names to wrap.

Give the tooltip an arrow.

Move tooltips to where they are less obtrusive.

update jwcrypto dependency to 0.4.0

I grepped through the browserid code (as of 0366b9f7) and verified that
all calls to cert.sign() have been updated to match the new API in
jwcrypto-0.4.0 .

The use of jwcrypto-0.4.0 allows browserid code to handle the new key
format and certificate format in version="2012.08.15". It won't create
new-format keys or certs yet: that will require a new jwcrypto release,
as well as changes in browserid to detect when it is safe to use the new
format (we must either wait for all deployed IdP primaries, browser
implementations, and verifiers to handle the new format, or implement
feature-advertisements and negotiation tools to selectively enable it).

The cert.sign() API calls were actually upgraded to the new API in
commit 67e54de3, when pull-request #2133 was landed. The branch was not
quite ready at that time, as it was using a named branch of jwcrypto
instead of the final 0.4.0 release. This commit effectively finishes off
that branch.

catch winchan removeListener error in IE8

If the user hits the /signin or /forgot pages while signed in, redirect them to the "/" page.

close #1345

* Move the "passwords do not match" on the set password screen above the first password.
* Move the "this email address and password do not match" above the email field.

removeListener throws in IE8

only Firefox seems to make the placeholder text
be the same color as the normal text, so this will
set the placeholder to a lighter grey

fixes #2187

* sites_signed_in => number_sites_signed_in
* sites_visited => number_sites_remembered

Usability enhancements to the forgot password screen.

* Disable the email field.
* Focus the first password field instead of the email field.
* If no email is stored (user did not come from /signin or /signup), redirect the user to /signin.
* If email address that is stored is not known, redirect to /signup.
* If email address that is stored is known but a primary, redirect to /signin
* When calling User.addressInfo on a primary address, check whether the address is known or not.  Allows us to simplify the forgot page.

Issue 2120 combine signin signup pages into /signin

Send html versions of emails

always set currentHint to null at startup

r+

Thanks @seanmonstar!

close #2132

* Remove the 250ms animation time.
* Update/fix unit tests.

process.env converts all values set into strings,
so its better to just not set it.

fixes #2132