Bugzilla – Bug 6843
problems with empty string for ssl_cert, ssl_key
Last modified: 2009-03-09 14:27:25 UTC
There are several problems relating to the ssl_cert and ssl_key values in the cfg_cache file, the Image.set_authority API, and the misc.versioned_urlopen method.

1. Once the ssl_cert and ssl_key values for an authority are set to something other than None, there is no way to change them back to None. Calling img.set_authority(authname, ssl_cert=None) doesn't work because the None value is used to mean that no information for that argument is being passed in. img.set_authority(authname, ssl_cert="") doesn't work either because the set_authority method does an "if ssl_cert" before setting the value, and Python evaluates the empty string as false in that context.

2. Even if ssl_cert="" worked, the value in the cfg_cache needs to be set to None, not the empty string. If it is set to the empty string, then the check in misc.versioned_urlopen will treat the URL as an HTTPS URL with client authentication even though it shouldn't.

Suggested fix:

1) When pkg(5) reads the cfg_cache file, an empty string for ssl_cert or ssl_key should be treated the same as None.

2) When image.set_authority is passed an empty string for the ssl_cert or ssl_key, it should write None to the cfg_cache file.

3) When pkg.misc.versioned_urlopen determines whether the connection is SSL or non-SSL, it should look at the scheme of the URL in addition to looking at the values for ssl_cert and ssl_key.
After implementing this fix, it should be possible to change the origin URL for an authority on the command line back to an HTTP URL by doing the following:

    pkg set-authority -O http://someurl/ -k "" -c "" authname

This fix should add unit test cases that verify this.
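The behaviour reported above and the three suggested fixes, as an added example that is not pkg(5) code and not part of the original report. The `Authority` class, its methods, `uses_client_cert`, `from_cfg` and the sample paths are hypothetical stand-ins constructed for illustration.

```python
from urllib.parse import urlsplit


def normalize_path(value):
    """Map "" (and None) to None: no client key/cert configured."""
    return value or None


class Authority:
    """Hypothetical stand-in for one authority entry in cfg_cache."""

    def __init__(self, origin, ssl_key=None, ssl_cert=None):
        self.origin = origin
        self.ssl_key = normalize_path(ssl_key)
        self.ssl_cert = normalize_path(ssl_cert)

    def update_buggy(self, origin=None, ssl_key=None, ssl_cert=None):
        # Behaviour described in the report: None means "not passed" and
        # "" fails the truthiness test, so a stored value is never cleared.
        if origin:
            self.origin = origin
        if ssl_key:
            self.ssl_key = ssl_key
        if ssl_cert:
            self.ssl_cert = ssl_cert

    def update(self, origin=None, ssl_key=None, ssl_cert=None):
        # Suggested fix 2: None still means "not passed", but an explicit
        # "" is accepted and stored as None.
        if origin is not None:
            self.origin = origin
        if ssl_key is not None:
            self.ssl_key = normalize_path(ssl_key)
        if ssl_cert is not None:
            self.ssl_cert = normalize_path(ssl_cert)


def from_cfg(entries):
    """Suggested fix 1: "" read from a cfg_cache-style dict becomes None."""
    return Authority(entries["origin"], entries.get("ssl_key"),
                     entries.get("ssl_cert"))


def uses_client_cert(auth):
    """Suggested fix 3: check the URL scheme as well as the key/cert."""
    scheme = urlsplit(auth.origin).scheme.lower()
    return scheme == "https" and bool(auth.ssl_key and auth.ssl_cert)
```
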
Taking as this is directly related to the authority API work.
Fixed in changeset 926 / 6ee411c9026af426a657cb1f5e4b73c14c2e1112.