prop224: Implement stealth client authorization

prop224 currently does not specify stealth client authorization.

This is a feature from rend-spec.txt which makes the HS create a unique onion address for each authorized client. This way revoked clients cannot get presense information about the hidden service, since they don't know the onion addresses of other clients.

This is useful for cases where authorized clients have a chance of turning adversarial and there is a need for total revocation.

tl;dr: We need to specify stealth auth in prop224, and implement it.