Clarify ForwardClientCertDetails comments (#3315)

* Clarify ForwardClientCertDetails comments

* update gen files

* fix typo

* remove mention of gateway proxy

* fix default value for gw

Author: leosarra

mesh/v1alpha1/istio.mesh.v1alpha1.pb.html

@@ -273,26 +273,26 @@ message Topology {
 }
 
 // ForwardClientCertDetails controls how the x-forwarded-client-cert (XFCC)
-// header is handled by the gateway proxy.
+// header is handled by a proxy.
 // See [Envoy XFCC](https://www.envoyproxy.io/docs/envoy/latest/api-v3/extensions/filters/network/http_connection_manager/v3/http_connection_manager.proto.html#enum-extensions-filters-network-http-connection-manager-v3-httpconnectionmanager-forwardclientcertdetails)
 // header handling for more details.
 enum ForwardClientCertDetails {
   // Field is not set
   UNDEFINED = 0;
 
-  // Do not send the XFCC header to the next hop. This is the default value.
+  // Do not send the XFCC header to the next hop.
   SANITIZE = 1;
 
   // When the client connection is mTLS (Mutual TLS), forward the XFCC header
   // in the request.
   FORWARD_ONLY = 2;
 
   // When the client connection is mTLS, append the client certificate
-  // information to the request’s XFCC header and forward it.
+  // information to the request’s XFCC header and forward it. This is the default value for sidecar proxies.
   APPEND_FORWARD = 3;
 
   // When the client connection is mTLS, reset the XFCC header with the client
-  // certificate information and send it to the next hop.
+  // certificate information and send it to the next hop. This is the default value for gateway proxies.
   SANITIZE_SET = 4;
 
   // Always forward the XFCC header in the request, regardless of whether the