Minion to Minion func->funcd communication

Currently func allows an overlord to make calls against a minion. The overlord is a host that is running certmaster and has signed certificate requests from minions. A minion is a system running funcd which has received a cert from the certmaster.

When an admin issues a command from the overlord to the minion, the process looks like this:

1. func host-specification call module method args
2. func looks up the list of available hosts in the certmaster's directory and matches the host-specification against the actual hosts.
3. func connects to each host via XML-RPC over SSL. It checks the following things:
   a. that the certificate is valid and signed
   b. that the hostname it is connecting to matches the hostname included in the certificate.
4. func gives its certificate to the funcd on the minion. The minion does the exact same thing to verify the validity of the certificate and host.
5. If all of the above are successful, func issues its calls to the minion.
6. The minion takes the commands and checks its ACL to see if the calling func client is allowed to run those commands.
7. The command is run on the minion.
8. Results of the command are returned to the func client.

What I'm proposing is to make it possible for any system running func to issue a command to any system running funcd, provided that they both have signed certs issued from the same certmaster and their hostnames match the names in their certificates.

The only changes needed to do this are:

1. a small modification to func to let it use the funcd key+cert to connect out
2. some way of getting the list of available minions from the overlord
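Once every minion holds a cert signed by the same certmaster, steps 3 and 4 pass for any peer, so the ACL check in step 6 is what separates callers. The sketch below is an added example, not func's own code: it assumes the TLS layer has already validated the signature against the certmaster CA, that peer_hostname is the name the minion resolved for the caller, and that the ACL is a hypothetical hostname-to-patterns mapping with constructed sample entries.

```python
from fnmatch import fnmatchcase

# Hypothetical ACL: verified certificate hostname -> allowed "module.method" patterns.
# Constructed sample data; func's real ACL file format is not shown on this page.
SAMPLE_ACL = {
    "overlord.example.org": ["*"],
    "web1.example.org": ["service.status", "test.*"],
}


def cert_hostnames(peer_cert):
    """Collect names from a dict shaped like ssl.SSLSocket.getpeercert() output."""
    names = {value.lower() for kind, value in peer_cert.get("subjectAltName", ())
             if kind == "DNS"}
    for rdn in peer_cert.get("subject", ()):
        for key, value in rdn:
            if key == "commonName":
                names.add(value.lower())
    return names


def authorize_call(peer_cert, peer_hostname, method, acl):
    """Return (allowed, reason) for a call arriving over a verified TLS session."""
    # Step 3a (valid, signed cert) is assumed done by the TLS layer with the
    # certmaster CA as the only trust root; this covers step 3b and step 6.
    if not peer_cert:
        return False, "no client certificate presented"
    host = peer_hostname.lower().rstrip(".")
    if host not in cert_hostnames(peer_cert):
        return False, "hostname does not match certificate"
    patterns = acl.get(host)
    if patterns is None:
        # Default deny: a valid cert from the same certmaster is not enough.
        return False, "caller has no ACL entry"
    if any(fnmatchcase(method, p) for p in patterns):
        return True, "allowed by ACL"
    return False, "method not permitted for caller"


def make_cert(cn):
    """Build a constructed certificate dict for the demo below."""
    return {"subject": ((("commonName", cn),),), "subjectAltName": (("DNS", cn),)}


if __name__ == "__main__":
    calls = [("overlord.example.org", "command.run"), ("web1.example.org", "service.status"),
             ("web1.example.org", "command.run"), ("db1.example.org", "service.status")]
    for host, method in calls:
        print(host, method, authorize_call(make_cert(host), host, method, SAMPLE_ACL))
```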