* There will be a local HTTP server (bound to 127.0.0.1 so no one else can access it) which will do the brunt of the client side of authentication. For example, with a public/private key it will take a message to encode/decode and will do it with your private key, and if necessary it will ask the browser for your passphrase via a communication protocol.
* The browser will act as a proxy between the local and remote servers, and act as a GUI for displaying anything that is needed by the local auth server.
* The remote server will ask for various information and give you a Session which will accompany your authentication info.
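
An added sketch of the local auth server (not code from the original note), going beyond it in one respect: binding to 127.0.0.1 keeps other hosts out, but any page open in the browser can still send requests to loopback, so the agent also checks `Host` and `Origin` before answering. The port, the origin `https://remote.example`, the JSON field names and the HMAC (a standard-library stand-in for the private-key operation) are assumptions.

```python
import hashlib
import hmac
import json
from http.server import BaseHTTPRequestHandler, HTTPServer

PORT = 8765                                 # assumed port of the local auth server
BROWSER_ORIGIN = "https://remote.example"   # assumed origin of the remote site's page
KEY = b"constructed-demo-key"               # stand-in for the user's private key


def authorize(headers):
    """Return (status, reason) for a request, judged by its Host and Origin."""
    # A DNS name rebound to 127.0.0.1 still appears in Host, so pin the literal.
    if headers.get("Host") not in (f"127.0.0.1:{PORT}", f"localhost:{PORT}"):
        return 403, "unexpected Host"
    # Every page in the browser can reach loopback; only the expected one may ask.
    if headers.get("Origin") != BROWSER_ORIGIN:
        return 403, "unexpected Origin"
    return 200, "ok"


def answer_challenge(session, challenge):
    """Client-side proof over the remote server's challenge, bound to the Session."""
    msg = json.dumps([session, challenge]).encode()   # unambiguous encoding
    return hmac.new(KEY, msg, hashlib.sha256).hexdigest()


class AgentHandler(BaseHTTPRequestHandler):
    def do_POST(self):
        # Assumes the page posts the JSON as text/plain (no CORS preflight).
        status, reason = authorize(self.headers)
        body = {"error": reason}
        if status == 200:
            try:
                length = max(0, min(int(self.headers.get("Content-Length", 0)), 4096))
                req = json.loads(self.rfile.read(length))
                body = {"response": answer_challenge(req["session"], req["challenge"])}
            except (ValueError, KeyError, TypeError):
                status, body = 400, {"error": "bad request"}
        data = json.dumps(body).encode()
        self.send_response(status)
        self.send_header("Content-Type", "application/json")
        self.send_header("Access-Control-Allow-Origin", BROWSER_ORIGIN)
        self.send_header("Content-Length", str(len(data)))
        self.end_headers()
        self.wfile.write(data)

if __name__ == "__main__":
    HTTPServer(("127.0.0.1", PORT), AgentHandler).serve_forever()  # loopback only
```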