cisagov / scanner

Automated pshtt, trustymail, and sslyze scanning
Creative Commons Zero v1.0 Universal

Switch to python:3.6-slim-buster for base Docker image #34

Closed jsf9k closed 5 years ago

jsf9k commented 5 years ago

This fixes an issue that @climber-girl pointed out, where pshtt was unable to complete an SSL handshake with several sss.gov domains. Digging into the issue, I found that the cause was that the older Ubuntu-based base image was using an old version of the gnutls library. This newer base image relies on libopenssl instead of gnutls, and a much more recent version at that. In addition, using Debian instead of Ubuntu results in a much smaller Docker image.

Since the change from Ubuntu to Debian required a lot of changes, I took the opportunity to also make the following improvements:

jsf9k commented 5 years ago

I have a full test running in AWS right now. I will not merge this PR until I have examined the results of that test and found them to be satisfactory. But I wanted to go ahead and put this PR out there for review, since the rest of the dev team will be unavailable tomorrow.

jsf9k commented 5 years ago

Test results look good. The SSS domains are picked up now. Thanks to @climber-girl for noticing this bug and pointing it out.