Pin *.torproject.org's certs in TBB
TBB should do a hardcoded check for the *.tpo certificate to prevent MITM attacks.
Mozilla does the same for their update mechanism (addons and browser).
https://lists.torproject.org/pipermail/tor-talk/2011-July/020784.html
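
A minimal sketch of the hardcoded check requested above, added here as an illustration and not code from Tor Browser or Mozilla: it pins the SHA-256 fingerprint of the server's DER-encoded certificate for hosts matching *.torproject.org. The names `PINNED_FINGERPRINTS`, `host_is_pinned` and `pin_check`, and the sample certificate bytes, are constructed assumptions; a real pin would be the fingerprint of the deployed certificate.

```python
import hashlib

# Constructed stand-in for the DER bytes of the pinned certificate (not a real cert).
# On a live connection the DER bytes come from ssl.SSLSocket.getpeercert(binary_form=True).
SAMPLE_CERT_DER = b"constructed-sample-der-bytes-for-wildcard-torproject-cert"

# Hypothetical pin set shipped with the client. A real deployment would also
# carry a backup pin so the certificate can be rotated without locking users out.
PINNED_FINGERPRINTS = frozenset({hashlib.sha256(SAMPLE_CERT_DER).hexdigest()})

PINNED_DOMAIN = "torproject.org"


def host_is_pinned(host: str) -> bool:
    """True if host is covered by the wildcard *.torproject.org.

    Wildcard semantics: exactly one extra label, so the bare domain and
    deeper names (a.b.torproject.org) are not covered, and look-alikes
    such as eviltorproject.org never match.
    """
    host = host.rstrip(".").lower()
    suffix = "." + PINNED_DOMAIN
    if not host.endswith(suffix):
        return False
    label = host[: -len(suffix)]
    return bool(label) and "." not in label


def pin_check(host: str, der_cert: bytes, pins=PINNED_FINGERPRINTS) -> bool:
    """Run after normal chain validation has succeeded.

    Unpinned hosts pass through (CA validation alone decides). Pinned hosts
    fail closed unless the presented certificate matches a shipped pin, so a
    certificate mis-issued by another trusted CA is rejected.
    """
    if not host_is_pinned(host):
        return True
    if not der_cert:
        return False
    return hashlib.sha256(der_cert).hexdigest() in pins
```

The pin check supplements ordinary certificate validation rather than replacing it, and the pin set has to be updated in a client release before the server certificate is rotated.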