renamed TrustedSSL constant to something more meaningful; added comments; also check the server URL against the expected one before trusting it