Check to make sure that signature verification really is secure
	the framework is there; I need to check that the code is correct
	(and hook in AKD, when that is working)

Reorganize pygale to have a non-blocking interface
	use an external select loop
	have a run() method that returns a list of sockets to watch
	register callbacks on events, such as receiving a puff
	the run() method will invoke callbacks as necessary, but never block
	the external select loop will notice activity on any of the watched
		sockets, and call run() when there is activity

Automatic Key Distribution
	if a cached key doesn't verify a signature, maybe there's a new public
		key---try fetching it
	don't request a new key too often (don't overload key servers)

Reorganize authcache interface
	it's all wrappers to functions in the KeyCache---good? bad?
	authcache module was intended to be just memory cache for key data
	now it has code for importing them, too---good? bad?

Reorganize PyGale API?
	misc functions now in pygale.py -> utils.py?
	notification stuff -> notify.py?
	lots of the Puff methods should go into separate data-handling modules

Key expiration
	implement GaleTime class
	check for expired keys, and reject them

Key generation
	figure out how to generate new keys, sign them, etc.

