Download location not properly verified for git url

[stgrace]

For the following URL, download location is not properly verified, even though it is mentioned in the spec to be valid:

[email protected]:MyProject

See https://github.com/spdx/tools-golang/blob/main/spdx/v2/v2_3/rdf/reader/utils.go#L27 and https://spdx.github.io/spdx-spec/v2.3/package-information/#773-examples

[kzantow]

For the most part, tools-golang doesn't currently have validation of the values. This will change for 3.0, as we are able to use the data types to generate models including some amount of validation.