Remove reference to "BCO Server"

[stain]

digital_signature introduces a term "BCO Server" which is not explained elsewhere:

The BCO server can provide an API validating the signature versus BCO content, allowing users to validate the signature "offline" on their own. The server will also must provide a reference to the signature creation algorithm, facilitating for greater interoperability.

This is very confusing as "BCO Server" is a new term here, and the specification does not elsewhere talk about how BCO APIs are meant to work.

Suggestion to remove that paragraph or to make a new top-level section about how BCOs are resolved/transferred.

[stain]

A comment by @corburn:

To avoid N implementations of signature validation APIs, the spec should define an API. Alternatively, to avoid tying the spec to an implementation, one should be defined in a supplementary document of recommendations.