[feature] Read + Write tombstones for deleted Actors

[tsmethurst]

Previous situation:

so what happens sometimes is that remote accounts send deletes, gts tries to deref the account (often with every account on the instance the delete has been delivered to!) to get the public key to authenticate the delete, and then returns a 401 because the dereference already returns 410 GONE

With these PR:

When a Delete comes in via the federating api:

• Check if a tombstone exists in the database for the signer of the Delete.
• If it does, halt processing and return 202.
• It it doesn't, try to dereference the signer of the delete.
• If they can't be dereferenced because of a 410 GONE http status code, insert a tombstone for that account in the database.
• Return 202 Accepted for subsequent deletes, without making expensive remote http calls.

This is only done for accounts our instance didn't know about when the delete first came in. Otherwise, the http signature is validated based on the stored public key, and the delete processes as normal.