caddy
Support TLS 1.3 fixed and/or random record padding
Traffic analysis can decipher the size of a request; combined with the hostname or destination IP, this allows an eavesdropper to infer pages a user visits.
TLS 1.3 introduces record padding, mitigating this attack. By adding padding to records, size becomes a much less reliable source of information: fixed record padding makes sizes less unique, while random record padding makes sizes less consistent.
For comparison: Nginx built with OpenSSL allows fixed record paddings through the ssl_conf_command directive. The RecordPadding command allows sizing records to multiples of a given number of bytes. However, I am not aware of any server that supports random record sizing.
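The two strategies described above, modelled in Go as an added example (not code from the issue or from Caddy): padFixed mirrors OpenSSL's RecordPadding rounding, padRandom the random sizing the issue asks for. The five page sizes and the 256-byte block are constructed, and the functions only compute resulting record sizes rather than writing TLS records.

```go
package main

import (
	"crypto/rand"
	"fmt"
	"math/big"
)

// padFixed rounds a plaintext length up to the next multiple of blockSize,
// as OpenSSL's RecordPadding command does: different pages land in the same
// size bucket. (Real code also caps content+type+padding at 2^14+1 bytes.)
func padFixed(length, blockSize int) int {
	if blockSize <= 1 {
		return length
	}
	return (length + blockSize - 1) / blockSize * blockSize
}

// padRandom adds 0..maxPad-1 CSPRNG-chosen bytes: the same page varies in size per visit.
func padRandom(length, maxPad int) (int, error) {
	if maxPad <= 1 {
		return length, nil
	}
	n, err := rand.Int(rand.Reader, big.NewInt(int64(maxPad)))
	if err != nil {
		return 0, err
	}
	return length + int(n.Int64()), nil
}

// distinctSizes counts how many unique record sizes an eavesdropper sees.
func distinctSizes(sizes []int) int {
	seen := make(map[int]bool, len(sizes))
	for _, s := range sizes {
		seen[s] = true
	}
	return len(seen)
}

func main() {
	// Constructed sample: plaintext sizes of five pages on the same host.
	pages := []int{1380, 1417, 1452, 1490, 1533}
	fixed := make([]int, len(pages))
	for i, p := range pages {
		fixed[i] = padFixed(p, 256)
	}
	r1, _ := padRandom(pages[0], 256)
	r2, _ := padRandom(pages[0], 256)
	fmt.Println(distinctSizes(pages), distinctSizes(fixed), r1, r2)
}
```

Unpadded, the five pages expose five distinct sizes; padded to 256-byte multiples they all become 1536, and the two random-padded sizes of the same page usually differ.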
The Golang stdlib doesn't allow http handlers to control the underlying tls.Conn; you need to report this to golang to allow tls.Conn.Write to inject padding. Then maybe Caddy can add a configuration.
Since this is something the Go standard lib will have to implement before we can do anything (we are not going to fork crypto/tls for our standard builds), I'll close this issue until it's actionable. Interested users should request this feature upstream from golang/go directly.