Revise initial descriptor upload behavior for onion services

According to rend-spec.txt:

   When uploading descriptors, the hidden service needs to make sure that
   descriptors for different clients are not uploaded at the same time (cf.
   Section 1.1) which is also a limiting factor for the number of clients.

At the moment it's unclear how it should be implemented and why.

• What is the threat model here?
• How exactly descriptors should be uploaded?
• In what range delays should be set?
• How this will work along with absent delays after #20082 (moved)?