Make single onion service to rend and Tor2web to intro link authentication into a protocol warning

Single onion services and Tor2web connect directly to relays using untrusted link authentication keys.

These connections can cause a lot of warnings, particularly due to the link auth bugs in #26627 (moved).

We can either:

• downgrade all link auth warnings to protocol warnings on single onion services and Tor2web (this is the fast fix)
• taint untrusted link auth keys, and then downgrade connections using tainted keys to protocol warnings (this is very intrusive)