* API Changes
  * AX::FetchResponse::fromSuccessResponse - return null when AX
    response arguments are absent
  * Alter AX fromOpenIDRequest() to take Auth_OpenID_AuthRequest
    object instead of Auth_OpenID_Message object so that it matches
    its counterpart methods in SREG and PAPE extensions.
  * PAPE (Provider Authentication Policy Extension) module
      * Updated extension for specification draft 2
      * Auth_OpenID_PAPE_Request::fromSuccessResponse returns None if
        PAPE response arguments were not signed
  * Added functions to generate request/response HTML forms with
    auto-submission javascript
      * Consumer (relying party) API:
        Auth_OpenID_AuthRequest::htmlMarkup
      * Server API: Auth_OpenID_OpenIDResponse::toHTML

* New Features
  * Added examples/discover.php, an OpenID service discovery tool
  * Add optional form_tag_attrs argument to
    Auth_OpenID_ServerResponse::toFormMarkup for setting arbitrary
    FORM element attributes
  * Fetchers now only read/request first megabyte of response

* Bug Fixes
  * NOT NULL constraints were added to SQLStore tables where
    appropriate
  * Yadis discovery now properly falls back to HTML-based discovery if
    it fails to get an XRDS document
  * Auth_OpenID_Decoder now behaves correctly when given a protocol
    message with an invalid OpenID namespace or a missing OpenID mode
  * Auth_OpenID_OpenIDResponse::toFormMarkup: Use return_to from the
    request, not the response fields (Not all responses (i.e. cancel,
    setup_needed) include a return_to field.)
  * normalize return_to URL before performing return_to verification
  * Auth_OpenID_Consumer::_verifyDiscoveryResults: fall back to OpenID
    1.0 type if 1.1 endpoint cannot be found
  * Auth_Yadis_ParanoidHTTPFetcher now works correctly with both array
    and non-array CURL versions
  * Clarified licensing language in all source files
  * OpenID 1 association requests no longer explicitly set
    no-encryption session type
  * Auth_OpenID_ServiceEndpoint::getDisplayIdentifier no longer
    includes a fragment, if present, in display identifiers
  * check_authentication requests: copy entire response, not just
    signed fields.  Fixes missing namespace in check_authentication
    requests
  * Yadis discovery now includes application/xhtml+xml and qualities
    in the Accept header
  * Normalize URLs correctly with URINorm.php
  * Auth_OpenID_MySQLStore: Use ENGINE instead of TYPE when creating
    tables