feat(securejoin): do not create 1:1 chat on Alice's side until vc-request-with-auth #6696

Open
wants to merge 1 commit into
base: main

link2xt
Collaborator

@link2xt link2xt commented Mar 22, 2025

vc-request is an unencrypted message
that Bob sends when he does not have Alice's key.
It also does not contain
Bob's avatar and name,
so the contact has only the email address
at this point and it is too early
to show it.

@link2xt link2xt requested review from Hocuri and iequidoo March 22, 2025 00:15
@link2xt
Collaborator Author

link2xt commented Mar 22, 2025

This is another preparation for PGP-contacts (#6683). Incoming vc-request is an unencrypted message so it results in the creation of an email-contact rather than a PGP-contact. I do not want to show a 1:1 chat with the email contact at this point, so postpone it to vc-request-with-auth which is always an encrypted message.

It is technically possible to special-case vc-request message and create a PGP-contact entirely from the Autocrypt header, but at this point the chat is not going to be verified and there is no cryptographic proof that Bob wanted to get in contact with Alice, while for all other securejoin messages we require an Autocrypt-Gossip key to ensure that Bob wanted to send a message to Alice:

core/src/securejoin.rs

Lines 295 to 310 in 8a5a67d

```rust
if !matches!(step, "vg-request" | "vc-request") {
    let mut self_found = false;
    let self_fingerprint = load_self_public_key(context).await?.dc_fingerprint();
    for (addr, key) in &mime_message.gossiped_keys {
        if key.dc_fingerprint() == self_fingerprint && context.is_self_addr(addr).await? {
            self_found = true;
            break;
        }
    }
    if !self_found {
        // This message isn't intended for us. Possibly the peer doesn't own the key which the
        // message is signed with but forwarded someone's message to us.
        warn!(context, "Step {step}: No self addr+pubkey gossip found.");
        return Ok(HandshakeMessage::Ignore);
    }
}
```

It is not nice that vc-request message results in automatic reply without anything visible on Alice's side, but this is already the case for vg-request messages.
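
A simplified model of the gating described in the comment above, added here as an example and not taken from the project's code: the unencrypted first request never creates a chat, and the chat appears only once an encrypted `vc-request-with-auth` gossips Alice's own address and key. `Outcome`, `Incoming`, `SelfIdentity`, `handle_step` and the requirement that later steps be encrypted are assumptions of this model; auth code validation is left out.

```rust
// Hypothetical model of Alice's side of the handshake; not the project's code.
#[derive(Debug, PartialEq)]
enum Outcome {
    ContinueSilently, // handshake proceeds, nothing becomes visible to Alice
    Ignore,           // message is not provably intended for us
    CreateChat,       // first point at which the 1:1 chat may appear
}

struct Incoming<'a> {
    step: &'a str,
    encrypted: bool,
    // (address, key fingerprint) pairs from the Autocrypt-Gossip headers
    gossiped_keys: Vec<(&'a str, &'a str)>,
}
struct SelfIdentity<'a> {
    addr: &'a str,
    fingerprint: &'a str,
}

// True if the sender gossiped our own key for our own address.
fn gossip_names_self(msg: &Incoming, me: &SelfIdentity) -> bool {
    msg.gossiped_keys
        .iter()
        .any(|(addr, fp)| *fp == me.fingerprint && addr.eq_ignore_ascii_case(me.addr))
}

fn handle_step(msg: &Incoming, me: &SelfIdentity) -> Outcome {
    match msg.step {
        // Unencrypted first message: no gossip to check and no chat yet.
        "vc-request" | "vg-request" => Outcome::ContinueSilently,
        // Assumption of this model: later steps must be encrypted and name us.
        _ if !msg.encrypted || !gossip_names_self(msg, me) => Outcome::Ignore,
        // Auth code validation is out of scope here and assumed to pass.
        "vc-request-with-auth" => Outcome::CreateChat,
        _ => Outcome::ContinueSilently,
    }
}

fn main() {
    // Constructed sample identity and messages.
    let me = SelfIdentity { addr: "alice@example.org", fingerprint: "A11CE" };
    let request = Incoming { step: "vc-request", encrypted: false, gossiped_keys: vec![] };
    let with_auth = Incoming {
        step: "vc-request-with-auth",
        encrypted: true,
        gossiped_keys: vec![("alice@example.org", "A11CE")],
    };
    println!("{:?} {:?}", handle_step(&request, &me), handle_step(&with_auth, &me));
}
```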
