services/horizon: use IETF standard response headers for rate limiting

[mollykarcher]

What problem does your feature solve?

IETF is currently working on a draft RFC to standardize the usage of rate limiting response headers. This exactly follows the unofficial standard that we were already conforming to, except now we wouldn't need the custom header prefix (X).

What would you like to see?

• [ ] Start populating RateLimit-* headers, with the same values we currently send for X-RateLimit-*
• [ ] Make the same changes in AWS WAF (or work with ops team to do so) so that horizon.stellar.org behavior mirrors the application behavior. We added static values for these headers here
• [ ] Update documentation that references these headers, both internally and externally (ex)

What alternatives are there?

• [ ] Hard cutover to new values, dropping old/custom values. I don't think that's a reasonable option, we'll likely need to keep X-RateLimit-* around, at least for now; certainly until the draft is published, but possibly longer and with deprecation warnings so that clients can move over to the new ones, since this would be a backwards-incompatible change
• [ ] Don't add new versions, and leave it the same. This certainly isn't critical, since we're conforming to the defacto informal standard now. I think this is more a point on relative priority rather than a do/don't do question though