document-policy
Clarify strictness in policy compatibility
Algorithm 9.1 "Is policy compatible?" (and elsewhere in the draft) refers to a value being "stricter" than the declared policy, but the spec does not define what "stricter" means.
While it may seem intuitive, implementations may differ. Chromium currently assumes that false is stricter than true for boolean policies (from reusing Permissions Policy logic), but this does not align with policies like force-load-at-top, where true is arguably stricter. It would be helpful for the spec to define “stricter” explicitly, especially for boolean and other common value types.
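An added illustration of the divergence described in this issue, not part of the original report and not code from the spec or Chromium. It models the compatibility check as "every required feature must be declared at least as strictly", which is an assumed simplification; the per-feature table, the function names and `example-boolean-feature` are hypothetical.

```javascript
// Simplified model, not the spec's algorithm text or Chromium code.
// Each comparator answers: is `declared` at least as strict as `required`?
const falseIsStricter = (declared, required) => declared === required || declared === false;
const trueIsStricter = (declared, required) => declared === required || declared === true;

// Hypothetical per-feature table that an explicit spec definition could provide.
const perFeature = {
  "force-load-at-top": trueIsStricter,        // per the issue: true is arguably stricter
  "example-boolean-feature": falseIsStricter, // constructed name: false disables a capability
};

// Interpretation A: one ordering applied to every boolean feature.
const uniform = (feature, declared, required) => falseIsStricter(declared, required);
// Interpretation B: ordering defined per feature; unknown features fail closed.
const defined = (feature, declared, required) => {
  const cmp = perFeature[feature];
  return cmp ? cmp(declared, required) : false;
};

// Assumed shape of the check: compatible only if every required feature
// is present in the declared policy and declared at least as strictly.
function isPolicyCompatible(declared, required, atLeastAsStrict) {
  return Object.entries(required).every(([feature, requiredValue]) =>
    Object.prototype.hasOwnProperty.call(declared, feature) &&
    atLeastAsStrict(feature, declared[feature], requiredValue));
}

// Features on which the two interpretations disagree for a pair of policies.
function divergingFeatures(declared, required) {
  return Object.keys(required).filter((f) =>
    isPolicyCompatible(declared, { [f]: required[f] }, uniform) !==
    isPolicyCompatible(declared, { [f]: required[f] }, defined));
}

// Constructed sample: the embedder requires force-load-at-top,
// while the document declares it off.
const required = { "force-load-at-top": true, "example-boolean-feature": false };
const declared = { "force-load-at-top": false, "example-boolean-feature": false };

console.log("uniform ordering:    ", isPolicyCompatible(declared, required, uniform));
console.log("per-feature ordering:", isPolicyCompatible(declared, required, defined));
console.log("diverges on:         ", divergingFeatures(declared, required));
```

Under the uniform ordering the document that turns `force-load-at-top` off is accepted as compatible with a requirement that it be on; an explicit per-feature ordering rejects it.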