http-extensions
Support sending Exported Authenticators in multiple frames over HTTP/2
The size of exported authenticators (especially with post quantum certificates) could be large enough that they might not fit in the maximum frame size for HTTP/2, so we'd probably want the ability to send them in multiple frames, similar to CONTINUATION frames.
We cannot actually use CONTINUATION frames per HTTP/2 6.10:
CONTINUATION frames MUST be associated with a stream. If a CONTINUATION frame is received with a Stream Identifier field of 0x00, the recipient MUST respond with a connection error (Section 5.4.1) of type PROTOCOL_ERROR.
One possible solution here that minimizes complexity is to just add a TO_BE_CONTINUED flag for the CERTIFICATE frame type, and make it such that the client must assume CERTIFICATE frames following a received CERTIFICATE frame are continuations of the previously received authenticator fragment. The authenticator would be complete upon receipt of a frame that does not have the flag set.
If that is the form the solution takes, we also might want text that suggests for clients to limit the total size of an authenticator that they would receive to prevent abuse.
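As an added illustration of the proposal above (example code written for this note, not part of the http-extensions repository or any draft), the following Python sketch shows both halves: a sender splitting an exported authenticator into consecutive CERTIFICATE frames on stream 0, marking all but the last with a TO_BE_CONTINUED flag, and a receiver reassembling them while refusing to buffer more than a configured total. The frame type code (0x0D), the flag bit (0x01), the 64 KiB limit and the sample authenticator bytes are assumptions chosen for the example; the 9-byte frame header layout is the standard HTTP/2 one.

```python
import struct

FRAME_TYPE_CERTIFICATE = 0x0D          # assumed type code for this example
FLAG_TO_BE_CONTINUED = 0x01            # assumed bit for the proposed flag
DEFAULT_MAX_AUTHENTICATOR = 64 * 1024  # example policy limit on total size


class ProtocolError(Exception):
    """Raised where a real implementation would send a connection error."""


def encode_frame(frame_type, flags, stream_id, payload):
    """Serialize one HTTP/2 frame: 24-bit length, type, flags, 31-bit stream id."""
    if len(payload) > 0xFFFFFF:
        raise ValueError("payload too large for a single frame")
    header = len(payload).to_bytes(3, "big") + bytes([frame_type, flags])
    header += struct.pack(">I", stream_id & 0x7FFFFFFF)
    return header + payload


def decode_frames(data):
    """Split a byte buffer into (type, flags, stream_id, payload) tuples."""
    frames, off = [], 0
    while off < len(data):
        if len(data) - off < 9:
            raise ProtocolError("truncated frame header")
        length = int.from_bytes(data[off:off + 3], "big")
        ftype, flags = data[off + 3], data[off + 4]
        stream_id = struct.unpack(">I", data[off + 5:off + 9])[0] & 0x7FFFFFFF
        payload = data[off + 9:off + 9 + length]
        if len(payload) != length:
            raise ProtocolError("truncated frame payload")
        frames.append((ftype, flags, stream_id, payload))
        off += 9 + length
    return frames


def fragment_authenticator(authenticator, max_frame_size):
    """Sender side: split an authenticator into CERTIFICATE frames on stream 0.
    Every fragment except the last carries TO_BE_CONTINUED."""
    chunks = [authenticator[i:i + max_frame_size]
              for i in range(0, len(authenticator), max_frame_size)] or [b""]
    out = b""
    for i, chunk in enumerate(chunks):
        flags = FLAG_TO_BE_CONTINUED if i < len(chunks) - 1 else 0
        out += encode_frame(FRAME_TYPE_CERTIFICATE, flags, 0, chunk)
    return out


class AuthenticatorReassembler:
    """Receiver side: concatenate consecutive CERTIFICATE frames until one
    arrives without TO_BE_CONTINUED, never buffering more than max_size."""

    def __init__(self, max_size=DEFAULT_MAX_AUTHENTICATOR):
        self.max_size = max_size
        self.buffer = bytearray()
        self.completed = []

    def on_frame(self, ftype, flags, stream_id, payload):
        if ftype != FRAME_TYPE_CERTIFICATE:
            return  # other frame types are out of scope for this example
        if stream_id != 0:
            raise ProtocolError("CERTIFICATE frames are expected on stream 0")
        # Check the bound before appending so an oversized fragment is never buffered.
        if len(self.buffer) + len(payload) > self.max_size:
            self.buffer.clear()
            raise ProtocolError("authenticator exceeds configured limit")
        self.buffer += payload
        if not flags & FLAG_TO_BE_CONTINUED:
            self.completed.append(bytes(self.buffer))
            self.buffer.clear()


def reassemble(wire_bytes, max_size=DEFAULT_MAX_AUTHENTICATOR):
    """Decode a buffer of frames and return the completed authenticators."""
    r = AuthenticatorReassembler(max_size)
    for frame in decode_frames(wire_bytes):
        r.on_frame(*frame)
    return r.completed


if __name__ == "__main__":
    # Constructed 2560-byte stand-in for an exported authenticator.
    sample = bytes(range(256)) * 10
    wire = fragment_authenticator(sample, max_frame_size=1000)
    print(len(decode_frames(wire)), "frames;", reassemble(wire) == [sample])
```

The receiver checks the limit before appending each fragment, so a peer cannot make it hold more than `max_size` bytes of partial authenticator at any moment; a real implementation would turn the `ProtocolError` into a connection error rather than an exception.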