Refactoring:
1) For clarity's sake, turn pb into a package: pb.local, pb.remote, pb.protocol.
2) The methods for connecting to a server assume you are using TCP; they should use the new connectTCP, connectSSL, etc. API when we do *that* refactor.
Added functionality:
1) Use SRP instead of whatever the current challenge/response is - see http://www-cs-students.stanford.edu/~tjw/srp/.
2) Make a login system that uses X.509 certificates for identities (SSL only).
3) Look at SPKI for an alternate certificate-based system (RFC 2693).