Gateway API: implement client cert verification [experimental]

[skriss]

https://github.com/kubernetes-sigs/gateway-api/releases/tag/v1.1.0

https://gateway-api.sigs.k8s.io/reference/spec/#gateway.networking.k8s.io/v1.FrontendTLSValidation

[jdoylei]

This feature would be great. We have apps that are stuck moving to Gateway API because they need frontend client certificates and rely on Contour's HTTPProxy.spec.virtualhost.tls.clientValidation field. We'd be able to make these apps consistent with others if they could switch to Gateway and Gateway.spec.tls.frontendValidation.