Explicitly disallow non-deferenceable IDs in Object ID section

[evanp]

The object ID section says:

These identifiers must fall into one of the following groups:

1. Publicly dereferencable URIs, such as HTTPS URIs, with their authority belonging to that of their originating server. (Publicly facing content SHOULD use HTTPS URIs).
   2. An ID explicitly specified as the JSON null object, which implies an anonymous object (a part of its parent context)

We should add additional text that explicitly recommends against some commonly used bad ID formats, such as: non-dereferenceable URLs, URLs with fragment IDs that can't be dereferenced, tag: or urn:uuid: URIs, or others that are well known.

[evanp]

We have a good primer page on object IDs: https://www.w3.org/wiki/ActivityPub/Primer/Object_identifiers

This guidance should be included in the spec itself.