Access control for QUIC connection migration

[maskit]

10.4. Migration
Certain HTTP implementations use the client address for logging or access-control purposes. Since a QUIC client’s address might change during a connection (and future versions might support simultaneous use of multiple addresses), such implementations will need to either actively retrieve the client’s current address or addresses when they are relevant or explicitly accept that the original address might change.

ATS checks ACL (ip_allow.config) only when a new connection starts. But it may need to be checked again when clients moved to other networks.

[github-actions]

This issue has been automatically marked as stale because it has not had recent activity. Marking it stale to flag it for further consideration by the community.