I started to write a new PEP (well a wiki page in fact...) that describes a new package called "pypi" that would be dedicated to package registering and uploading mechanisms.
It would also provide enhancements like a proper password hash, or deeper metadata controls.