BUGS:
- printing info about 1 specific cert (option '--printcert') shows non-local timezone
- don't update indexdb if cert can't be generated (due to missing X509Ext method in pyOpenSSL for example)
- also ask for overwrite clientfile if looking for freeip
- when calculating freeip: don't parse clientfile itself if it exists

NICETOHAVES:
- option to purge expired certificates from indexdb
- check for all required fields in stonevpn.conf
- parse openssl.cnf for ENV variables
- option to (PGP/GPG) encrypt e-mail
- option to use a different configuration file (defaults to /etc/stonevpn.conf)
- option to create encrypted zipfile (using 7zip?)
- option to create: openvpn CA cert
- a web interface would be cool .. in Django! python kicks butt
- log all actions/output
