Jan Wolter:

 - Look into developing a "socket" method, in which we first try open a
   socket connecting to the external authenticator, and only launch a new one
   if the initial connection attempt fails.  This would avoid launching a
   new authenticator for each hit.  Instead the authenticator would be a
   persistant process that can hold open a connection to the database and
   even do caching of recent authentications.

 - Windows support.  Not something I'm likely to do, but a good idea.
