* API changes
  * SQLStore implementations no longer create or use a 'settings'
    table
  * SRegResponse.fromSuccessResponse returns None when no signed
    arguments were found
  * Added functions to generate request/response HTML forms with
    auto-submission javascript
      * Consumer (relying party) API: AuthRequest.htmlMarkup
      * Server API: server.OpenIDResponse.toHTML
  * PAPE (Provider Authentication Policy Extension) module
      * Updated extension for specification draft 2
      * Request.fromSuccessResponse returns None if PAPE response
        arguments were not signed

* New features
  * Demo server now supports OP-driven identifier selection
  * Demo consumer now has a "stateless" option
  * Fetchers now only read/request first megabyte of response

* Bug fixes
  * NOT NULL constraints were added to SQLStore tables where
    appropriate
  * message.fromPostArgs: use query.items() instead of iteritems(),
    fixes #161 (Affects Django users)
  * check_authentication requests: copy entire response, not just
    signed fields.  Fixes missing namespace in check_authentication
    requests
  * Consumer._verifyDiscoveryResults: fall back to OpenID 1.0 type if
    1.1 endpoint cannot be found; fixes discovery verification bug for
    certain OpenID 1 identifiers
  * SQLStore._execSQL: convert unicode arguments to str to avoid
    postgresql api bug with unicode objects (Thanks to Marek Kuziel.)
  * MySQLStore: Use ENGINE instead of TYPE when creating tables
  * server.OpenIDResponse.toFormMarkup: Use return_to from the
    request, not the response fields (Not all responses (i.e. cancel,
    setup_needed) include a return_to field.)
  * server.AssociationRequest.answer: include session_type in
    no-encryption assoc responses
  * OpenIDServiceEndpoint.getDisplayIdentifier: Don't include the
    fragment in display identifiers.