
Add our website to Firefox' hardcoded Public Key Pinning ("static pins")

On top of doing HPKP (see #9026 (closed)) on our own, which provides TOFU, we could ask for inclusion on the preload list from Firefox. Tor is getting there in Firefox 34, why not us as well?

That would be an even stronger mitigation to MitM on our website.

See https://wiki.mozilla.org/SecurityEngineering/Public_Key_Pinning

Current pins: https://dxr.mozilla.org/mozilla-central/source/security/manager/ssl/StaticHPKPins.h


Original created by @sajolida on 9027 (Redmine)
