crypto/x509: CANotAuthorizedForExtKeyUsage is a bogus error [1.10 backport]

@FiloSottile requested issue #24590 to be considered for backport to the next 1.10 minor release.

> Based on discussion with @agl, we will go back to only enforcing nesting (and returning CANotAuthorizedForExtKeyUsage) when the EKU is being asserted in Verify.
> 
> @gopherbot, please open a tracking issue for backporting to 1.10.
