Verbose option doesn't make sense any more when the algorithm is in the release

[peterbe]

When we started using pypi.org instead one important change was that now we can (almost) always get the digests as part of the JSON payload. Before we had to get each URL for each release file, download that file, and run pip on it to get the checksum. Instead now can we can just get it from .releases[<desired version][N].digests.sha256 for example. In https://pypi.org/pypi/psycopg2/json for example every release has a md5 and sha256 digest. So we don't need to process a specific URL.