w3c/trace-context

Update wording on "response headers" in privacy section to disambiguate from traceresponse headers.

kalyanaj opened this issue · 1 comments

Should we remove this from the Level 1 spec?

Section 6.3 in https://www.w3.org/TR/trace-context/?msclkid=8fb94facc59711eca3572297845ae7e1#other-risks
"When vendors include traceparent and tracestate headers in responses, these values may inadvertently be passed to cross-origin callers. Vendors should ensure that they include only these response headers when responding to systems that participated in the trace."

Assigning to Philippe per our discussion in the WG meeting today for checking if this can be an editorial change.

Daniel pointed out that the above wording is for any responses that include the above information (and not necessarily pointing to the response headers we want to standardize going forward). Per the discussion in the WG meeting, I will update the second sentence (in the current draft, not in Level 1) to remove the wording "response headers" to something like "responses" or "response values".