
prop360: need different phrasing to prevent length extension on onion service descriptors

Right now, in prop360, we say:

Clients SHOULD detect the presence of extra information at the end of an HSDesc reply, beyond the signed data. If any extra information is present, the client SHOULD issue a warning. The warning SHOULD include the identity of the HSDir that served the invalid information.

But this isn't sufficient to do what we want: the signed portion of an HsDesc ends with the "signature" field, which looks something like:

signature n6BRbuZmzu98nqrY8OZLBHoLM2yiXfInLIdGjW0YTENDjakUrqiR+ie1umxxspwROrJ5f22mLJlhAZMWnpM2CA

Note that nothing in the specification prevents an attacker from adding extra spaces between the keyword and the ed25519 signature, or between the ed25519 signature and the newline.

I think we may need to say that additionally the signature line MUST have a minimal encoding.

cc @mikeperry
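The following Python is an added example written for this issue, not code from prop360, tor, or arti. It demonstrates the two checks the issue asks for: that the `signature` line uses a minimal encoding, and that no bytes follow it. The specific minimal-encoding rule it enforces (keyword, exactly one space, 86 unpadded base64 characters for a 64-byte ed25519 signature, a single newline) is an assumption chosen to match the sample line above; the proposal text would have to state the exact rule. The descriptor tail it checks is constructed, with a placeholder signature value.

```python
import re
from typing import List, Optional, Tuple

# Constructed sample: the tail of an onion service descriptor. The signature
# value is a placeholder of the right length (86 unpadded base64 chars for a
# 64-byte ed25519 signature), not a real signature.
PLACEHOLDER_SIG = b"A" * 86
GOOD_TAIL = b"hs-descriptor 3\nrevision-counter 42\nsignature " + PLACEHOLDER_SIG + b"\n"

# Assumed minimal encoding: keyword, one space, 86 base64 chars, one newline.
# Anything else on the line (extra spaces, tabs, trailing whitespace, CRLF,
# padding) is treated as a non-minimal encoding.
MINIMAL_SIG_LINE = re.compile(rb"\Asignature [A-Za-z0-9+/]{86}\n\Z")


def find_signature_line(desc: bytes) -> Optional[Tuple[int, int]]:
    """Return (start, end) byte offsets of the first line whose keyword is
    "signature"; end is just past its newline (or len(desc) if unterminated).

    Keyword detection is deliberately lenient (leading whitespace and any
    whitespace separator are accepted) so that a sloppily encoded signature
    line is still found and then flagged, rather than silently skipped.
    """
    pos = 0
    while pos < len(desc):
        nl = desc.find(b"\n", pos)
        end = len(desc) if nl == -1 else nl + 1
        line = desc[pos:end]
        keyword = re.match(rb"\s*(\S*)", line).group(1)
        if keyword == b"signature":
            return pos, end
        pos = end
    return None


def check_descriptor_tail(desc: bytes) -> List[str]:
    """Return warnings for a descriptor whose signed region ends at the
    signature line. An empty list means the tail is canonical and nothing
    follows the signed data."""
    span = find_signature_line(desc)
    if span is None:
        return ["no signature line found"]
    start, end = span
    sig_line = desc[start:end]
    warnings = []
    # Check 1: the signature line itself must be minimally encoded, so an
    # attacker cannot hide bytes in extra whitespace around the value.
    if not MINIMAL_SIG_LINE.match(sig_line):
        warnings.append("signature line is not minimally encoded: %r" % sig_line)
    # Check 2: nothing may follow the signed region.
    extra = len(desc) - end
    if extra:
        warnings.append("%d extra byte(s) after the signed region" % extra)
    return warnings


if __name__ == "__main__":
    samples = {
        "canonical": GOOD_TAIL,
        "double space": GOOD_TAIL.replace(b"signature ", b"signature  "),
        "trailing space": GOOD_TAIL[:-1] + b" \n",
        "appended data": GOOD_TAIL + b"junk\n",
    }
    for name, sample in samples.items():
        print(name, "->", check_descriptor_tail(sample) or "ok")
```

In a client, the identity of the HSDir that served the descriptor would be attached to each warning when it is logged, as the proposal text already requires; that plumbing is omitted here.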
