During JSSE brainstorming, Jeff pointed out that the alternative subject name
field is not in certs, and that the https handler should check for this
field. This will probably take some doing in the java 2 JDK as well.

We need to grab the cert, see if it's a v3, and has alternative
names, and then check for it. There's another bug, 4387961 which will
provide a more flexible hostname verification.