* use ``pylint``, ``coverage`` and other tools in sane manner to improve code quality
* enforce proper ``Content-Type`` on certificate ``PUT``, with nice information in case if wrong value is used; possibly do it in conjunction with providing simple client to upload certificates
* implement ``test_GET_expired_identity`` with doing CA by hand and issuing expired certificate out of caucase, in order to have it expired in time of connection
* speed up fetching certificates, by using keep-alive connections to kedifa server, cache and all other good tools from HTTP world