webauthn-ruby

RelyingParty should support a list of origins

Open asavageiv opened this issue 3 months ago • 2 comments

While implementing Webauthn for Web + Mobile I found that Android requires using the APK hash as the origin. It is valid to have a list of valid origins per 13.4.9 Validating the origin of a credential.

This means that if you want to implement both Web and Mobile authentication you currently need to create multiple RelyingParty instances, but I think per the spec it would make more sense for RelyingParty to replace origin with accepted_origins that is an array of origins that can be validated against.

The rename helps clarify that the origins listed are not a property of the RelyingParty itself, but of the client per the definition.

Does this make sense?

asavageiv, May 08 '24 20:05
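The check the issue asks for, as an added example that is not webauthn-ruby code and does not use its API: one allow list holding both a web origin and an Android `android:apk-key-hash:` origin, compared by exact string match against the `origin` in `clientDataJSON`. The helper names, the `https://example.com` origin and the certificate fingerprint are assumptions constructed for illustration.

```ruby
require "base64"
require "json"

ANDROID_PREFIX = "android:apk-key-hash:"

# Hypothetical helper: derive the Android origin from the APK signing
# certificate's SHA-256 fingerprint (colon-separated hex, as keytool prints it).
def android_origin(sha256_fingerprint)
  unless sha256_fingerprint.match?(/\A(\h{2}:){31}\h{2}\z/)
    raise ArgumentError, "expected 32 colon-separated hex bytes"
  end
  raw = [sha256_fingerprint.delete(":")].pack("H*")
  ANDROID_PREFIX + Base64.urlsafe_encode64(raw, padding: false)
end

# Hypothetical check: the origin reported by the client must equal one entry
# of the allow list exactly. No prefix, suffix or case-insensitive matching.
def origin_accepted?(client_data_json_b64, accepted_origins)
  client_data = JSON.parse(Base64.urlsafe_decode64(client_data_json_b64))
  origin = client_data.is_a?(Hash) ? client_data["origin"] : nil
  origin.is_a?(String) && accepted_origins.include?(origin)
rescue JSON::ParserError, ArgumentError, EncodingError
  false # malformed base64 or JSON is rejected, never treated as a match
end

# Constructed sample values, not taken from any real app or deployment.
SAMPLE_FINGERPRINT = (["AB"] * 32).join(":")
ACCEPTED_ORIGINS = [
  "https://example.com",
  android_origin(SAMPLE_FINGERPRINT)
].freeze

# Builds a base64url clientDataJSON the way a client would report it.
def encode_client_data(origin)
  json = JSON.generate("type" => "webauthn.get", "origin" => origin)
  Base64.urlsafe_encode64(json, padding: false)
end

if __FILE__ == $PROGRAM_NAME
  candidates = ACCEPTED_ORIGINS + ["https://example.com.other.test"]
  candidates.each do |origin|
    ok = origin_accepted?(encode_client_data(origin), ACCEPTED_ORIGINS)
    puts "#{origin} accepted=#{ok}"
  end
end
```
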