Server/client code for HTTP storage protocol fURLs

[itamarst]

A HTTP storage fURL looks like pb://i5xb...@example.com:443/g3m5...#v=1, where i5xb... is the sha256 of the Subject Public Key Information. The g3m5... is the swissnum; the #v=1 means it's HTTP.

On the server-side:

1. The HTTP server should be able to listen with TLS, given paths to key file and certificate file. (It already accepts the swissnum.)
2. It should provide an API that returns the fURL in above format.

On the client-side:

1. The client should be able to determine the host/port to connect to from a fURL.
2. Upon connecting, the client should verify:
   1. Expiration date of certificate; it hasn't expired.
   2. That the public key in the certificate has SPKI signature the matches the one in the fURL.
   3. That the certificate was signed by the private key (i.e. self-signed).