feature: configure client key shares

[jmayclin]

Problem:

For a client which talks to a wide array of servers, it is useful to send multiple key shares (e.g. secp256r1 and x25519) to keep HRR rates low.

Solution:

Option 1: security policy configuration
Option 2: API which can be used to select groups (from the security policy) to be sent as key shares

Edit: This issue needs more research to decide on a path forward.

[jmayclin]

Possibly alternate solution: store the server's selected group alongside any session ticket that it provided, and use that information for intelligent key_share sending in the resumption attempt.