
breaking format changes in v2

Open Geal opened this issue 3 years ago • 1 comments

considering current usage (after discussion with existing users), we decided to add some breaking changes to v2 that could not make it in the initial release, but would make sense for future development and consistency:

  • updating the default symbol table: https://github.com/biscuit-auth/biscuit/issues/94
  • implementing a limited version of https://github.com/biscuit-auth/biscuit/issues/88 where:
    • execution scope is defined by an enum or oneOf in the block, indicating OnlyAuthority (block checks only see facts from authority/authorizer and the current block), Previous (checks see facts from all previous blocks), UnsafeAny (blocks see facts from all blocks)
    • the default execution scope will be OnlyAuthority (instead of Previous right now). This breaking change will make the default behaviour safer and less surprising

those changes will come with an increase in the "max schema version" (currently at 2). Current implementations should switch directly to version 3 of the format and refuse version 2

Geal, Mar 15 '22 17:03
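The three execution scopes described in the post above, as an added Rust sketch that is not part of the issue or of any biscuit implementation. The block layout, fact strings and function names are constructed for illustration, checks are reduced to "this fact must be visible", and the sketch assumes that authorizer facts and a block's own facts are visible under every scope.

```rust
// Toy model of the execution scopes named in the issue; not biscuit's code.
#[derive(Clone, Copy, Debug, PartialEq)]
enum Scope { OnlyAuthority, Previous, UnsafeAny }

/// Facts a check in block `current` can see. Index 0 is the authority block.
/// Assumption: authorizer facts and the block's own facts are always visible.
fn visible_facts<'a>(blocks: &'a [Vec<&'a str>], authorizer: &'a [&'a str],
                     current: usize, scope: Scope) -> Vec<&'a str> {
    let mut out: Vec<&'a str> = authorizer.to_vec();
    for (i, facts) in blocks.iter().enumerate() {
        let included = match scope {
            Scope::OnlyAuthority => i == 0 || i == current,
            Scope::Previous => i <= current,
            Scope::UnsafeAny => true,
        };
        if included { out.extend(facts.iter().copied()); }
    }
    out
}

/// Simplified check: passes when `required` is among the visible facts.
fn check_passes(blocks: &[Vec<&str>], authorizer: &[&str], current: usize,
                scope: Scope, required: &str) -> bool {
    visible_facts(blocks, authorizer, current, scope).iter().any(|f| *f == required)
}

/// Constructed token: the authority block plus three appended blocks.
fn sample_blocks() -> Vec<Vec<&'static str>> {
    vec![
        vec!["right(\"file1\", \"read\")"], // 0: authority
        vec!["role(\"admin\")"],            // 1: appended by a token holder
        vec![],                             // 2: carries the check under test
        vec!["role(\"auditor\")"],          // 3: appended later
    ]
}

fn main() {
    let blocks = sample_blocks();
    let authorizer = ["resource(\"file1\")"];
    let wanted = ["right(\"file1\", \"read\")", "role(\"admin\")", "role(\"auditor\")"];
    for scope in [Scope::OnlyAuthority, Scope::Previous, Scope::UnsafeAny] {
        for required in wanted {
            let ok = check_passes(&blocks, &authorizer, 2, scope, required);
            println!("{:?}: block 2 check on {} -> {}", scope, required, ok);
        }
    }
}
```

With `OnlyAuthority`, the check in block 2 is decided only by facts the authority block and the authorizer supplied; with `Previous`, the `role("admin")` fact from block 1 also satisfies it.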

What should be shipped in current implementations ASAP:

  • updated symbol table (remove authority, ambient and revocation_id, replace them with read, write and role)
  • ~[0..255] restricted range for symbol ids so that the default symbol table can grow without breaking tokens (not 100% sure it would make adding default symbols breakage-free, though)~ messing with the symbol table will create issues anyway, so this offset does not buy us anything
  • making execution scope default to OnlyAuthority
  • bump the max schema version

Configurable scoping rules can land afterwards, as it's purely backwards compatible

divarvel, Mar 16 '22 16:03

Done in #97 and #103

divarvel, Dec 02 '22 09:12