remove HTTPS pinning and TOFU until the bugs get worked out

This reverts to only using standard HTTPS verification based on Certificate
Authorities.  This means that self-signed certificates will not work at all
since that is what MemorizingTrustManager was providing.  It seems to me
that this was originally working because MemorizingTrustManager was not
correctly validating.  I couldn't figure out why PinningTrustManager alone
was not working. But we need to get good stable release out!

I'm leaving all the plumbing in place because this stuff should be included
once its all fixed and working properly.  You can see where it was added
here: 254327f9

refs #80 fdroid/fdroidclient#80