ECDAA has been removed from Webauthn spec during the latest spec release

[pmlopes]

While the ECDAA has been removed, nothing forbids that there are implementations out there (yet, no implementation got certified).

Currently the vert.x implementation throws an exception if there is a payload with ECDAA stating that we didn't implement it yet. We should replace this with a "not allowed" or a better wording to reflect that we're not implementing it and that the current spec doesn't support it.