Rebase the draft on top of draft-beck-tls-trust-anchor-ids

[davidben]

The main changes:

• ProofType is gone and now implicit from the trust anchor

• TrustAnchor is gone and replaced with TrustAnchorIdentifier from draft-beck-tls-trust-anchor-ids.

• The negotiation mechanism is removed and instead references draft-beck-tls-trust-anchor-ids, adding some guidance on how to use it.

• We did lose the aliases mechanism and instead take a harder dependency on the DNS mechanism in draft-beck-tls-trust-anchor-ids. I've filed https://github.com/davidben/tls-trust-expressions/issues/62 to track restoring that.

• General discussion on agility is removed as draft-beck-tls-trust-anchor-ids covers that.

• Just to get it out of the way, I moved the discussion on client certificate types to an appendix.

Fixes #80

[bwesterb]

Bit of a nit, but why

struct {
    TrustAnchorIdentifier trust_anchor;
    opaque proof_data<0..2^16-1>;
} Proof;

struct {
    Assertion assertion;
    Proof proof;
} BikeshedCertificate;

and not directly

struct {
    Assertion assertion;
    TrustAnchorIdentifier trust_anchor;
    opaque proof_data<0..2^16-1>;
} BikeshedCertificate;

You could say the proof_data doesn't make sense without the trust_anchor, but the proof_data also doesn't make sense without the assertion.

[davidben]

@bwesterb Somewhat looking forward to maybe doing something like https://github.com/davidben/tls-trust-expressions/issues/54, but yeah, let's inline it for now.

(I was OOO last week. Will take a pass to update this and look it over again.)

[bwesterb]

@bwesterb Somewhat looking forward to maybe doing something like davidben/tls-trust-expressions#54, but yeah, let's inline it for now.

I don't see how that'd work, but let's keep it as is then if you have something in mind.

[davidben]

Sketched it out in https://github.com/davidben/merkle-tree-certs/issues/88