Clarify what TLS Certificates must be used by Log Endpoints

The policy is currently unspecified as to what TLS certificate must be used for a Log.

This creates compatibility issues for monitors and clients, as seen at https://groups.google.com/a/chromium.org/d/msg/ct-policy/0B46Z5UcbuE/nIem5EBbAAAJ .

