Extends direct trust well-known endpoint lookup

[Zicchio]

When looking for the Credential Issuer at the /.well-known/jwt-vc-issuer endpoint, we look for the endpoint built by putting the well known component between the host and the path of the Credential Issuer.
For example, if the issuer is http://organization.example/path-element, we look at the http://organization.example/.well-known/jwt-vc-issuer/path-element endpoint.

While this is the correct behaviour according to the SD-JWT for VC specs, we observed that in practice some Credential Issuer might not comply with that requirement due to technical challenges and, instead, they might publish their keys by appending the well known endpoint at the end of their URL, so in the example above they might publish at the endpoint
http://organization.example/path-element/.well-known/jwt-vc-issuer.

To simplify the job of the Credential Issuers, we can consider and evaluate a key lookup strategy that searches for the keys in both endpoints.

[peppelinux]

I really was pretty sure that this would have happen.

for the sake of the interoperability, I kindly suggest to handle a second call with the "federation-like" approach