Comment 0 for bug 924220

We currently handle ssl cert verification via two options that are only queried from bazaar.conf.

That makes 'optional' for ssl.ca_certs = 'optional' complex to support.

Having the ailibty to specifiy these options in authentication.conf per-host will allow one to disable the verification for hosts that don't provide certificates which is what 'optional' is about (it makes little sense to check that ssl.ca_certs is a valid path if we don't intent to verify the host certificate anyway).