pin HTTPS certificates for repos that are included by default and added by the user
Currently, the f-droid.org and guardianproject.info repos are included by default in the F-Droid app. Their HTTPS certificates should also be pinned, so that a certificate for these domains issued by a compromised or misbehaving Certificate Authority (CA) is not accepted even though it chains to a trusted root.
By the same measure, when another repo is added and its certificate carries a valid CA signature, a pin mapping that repo's hostname to that CA's signing key should be created automatically (trust on first use), so later connections to that repo must present a chain containing that key.
The guts of this idea are being sketched out here: https://dev.guardianproject.info/projects/bazaar/wiki/Chained_TLS_Cert_Verification
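What this would look like in the client, as an added example written for this ticket (it is not F-Droid's code and not the Chained_TLS_Cert_Verification sketch): an X509TrustManager that runs normal platform validation first, then enforces a per-hostname pin set on the served chain. The two default repos get static pins from the app; a repo with no pin gets one recorded from the CA key that signed its leaf on first contact. The class and method names, the `PinStore` shape and the pin values for f-droid.org and guardianproject.info are assumptions (the pin strings are placeholders, not the real keys):

```java
// Added example, not F-Droid's own code. Pins are base64(SHA-256(SubjectPublicKeyInfo)).
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Base64;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

public final class RepoPinningTrustManager implements X509TrustManager {

    /** Hostname -> allowed SPKI pins. Must be persisted by the app; kept in memory here (assumption). */
    public static final class PinStore {
        private final Map<String, Set<String>> pins = new HashMap<String, Set<String>>();

        public PinStore() {
            // Default repos ship with static pins. These values are PLACEHOLDERS (assumption):
            // compute the real ones with spkiPin() from the operators' CA certificates and add a
            // spare pin for key rollover. Until replaced, connections to these hosts fail closed.
            add("f-droid.org", "REPLACE-WITH-REAL-PIN-1");
            add("guardianproject.info", "REPLACE-WITH-REAL-PIN-2");
        }

        public synchronized void add(String host, String pin) {
            Set<String> set = pins.get(host);
            if (set == null) { set = new HashSet<String>(); pins.put(host, set); }
            set.add(pin);
        }

        /** Returns null when the host has never been pinned. */
        public synchronized Set<String> get(String host) { return pins.get(host); }
    }

    private final String host;
    private final PinStore store;
    private final X509TrustManager system;

    public RepoPinningTrustManager(String host, PinStore store) throws Exception {
        this.host = host;
        this.store = store;
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init((KeyStore) null); // null = the platform CA store
        X509TrustManager found = null;
        for (TrustManager tm : tmf.getTrustManagers()) {
            if (tm instanceof X509TrustManager) { found = (X509TrustManager) tm; break; }
        }
        if (found == null) throw new IllegalStateException("no platform X509TrustManager");
        this.system = found;
    }

    /** PublicKey.getEncoded() is the DER SubjectPublicKeyInfo, so this pins the key, not the cert. */
    public static String spkiPin(X509Certificate cert) {
        try {
            byte[] digest = MessageDigest.getInstance("SHA-256").digest(cert.getPublicKey().getEncoded());
            return Base64.getEncoder().encodeToString(digest);
        } catch (NoSuchAlgorithmException e) {
            throw new IllegalStateException(e);
        }
    }

    @Override
    public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
        // 1. Ordinary path validation first: a pin never replaces a valid CA signature.
        system.checkServerTrusted(chain, authType);

        Set<String> expected = store.get(host);
        if (expected == null) {
            // 2. First contact with a user-added repo: remember the key that signed the leaf
            //    (chain[1] as served, or the leaf itself when self-signed).
            X509Certificate signer = chain.length > 1 ? chain[1] : chain[0];
            store.add(host, spkiPin(signer));
            return;
        }
        // 3. Pinned host: some certificate in the served chain must carry a pinned key, so a
        //    leaf rotated under the same CA passes and a chain from any other CA is rejected.
        for (X509Certificate cert : chain) {
            if (expected.contains(spkiPin(cert))) return;
        }
        throw new CertificateException("SPKI pin mismatch for " + host);
    }

    @Override
    public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
        system.checkClientTrusted(chain, authType);
    }

    @Override
    public X509Certificate[] getAcceptedIssuers() { return system.getAcceptedIssuers(); }

    /** Install on HttpsURLConnection via setSSLSocketFactory() before connecting to the repo. */
    public static SSLSocketFactory socketFactoryFor(String host, PinStore store) throws Exception {
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, new TrustManager[] { new RepoPinningTrustManager(host, store) }, null);
        return ctx.getSocketFactory();
    }
}
```

Two things the ticket's wording leaves open that this code has to decide: the trust manager does not check the hostname (HttpsURLConnection's HostnameVerifier still does that, so keep the default verifier), and the trust-on-first-use pin is taken from the chain as the server sent it, so if that repo's CA later rotates its intermediate key the repo stops loading until the user re-adds it; that is the intended fail-closed behaviour, but the UI needs to say so rather than report a generic connection error.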