Here are my two cents, Clearly some work will need to be done to the current authentication system to make it more modular for those that have LDAP, OpenID, etc, as "requirements" for there projects. Having an easy to define authentication mechanism as Brian proposed is also very attractive. My hope is that a default authentication mechanism like the current system will still be available. It doesn't cover every possible scenario, but can be used for a large number of projects, and it's been well tested. Having an easy to use built in authentication mechanism was one of the things that originally attracted me to Django.
Thanks! --Nick