s2n-quic-rustls interop fails due to limited cert chain depth in webpki crate #1836

@WesleyRosenblum

Problem:

The amplification limit interop test creates a very large cert chain, larger than the maximum supported by the webpki crate that rustls uses:

https://github.com/briansmith/webpki/blob/b481381e914de604df30b1be2fe72d938a5c0e57/src/verify_cert.rs#L43-L47

This causes the amplification limit interop test to fail.

To complicate things more, the version of webpki that is used by the version of rustls s2n-quic uses (v/0.20.8) has been reverted in the webpki repo: briansmith/webpki@17d9189. So submitting a PR to webpki to increase the cert chain limit would not actually fix the issue for s2n-quic.

To complicate things even more, newer versions of rustls no longer use the main webpki, but rather use their own fork: https://github.com/rustls/webpki

Solution:

To work around this, I've forked webpki to increase the limit: https://github.com/WesleyRosenblum/webpki

Once s2n-quic is updated to use the latest rustls (or even before), we can submit a PR to increase the cert chain limit in rustls/webpki. Once that has been merged, we can stop using the workaround introduced in #1837.
