Set AC timeout value to 3 seconds and describe tradeoffs

Set AC timeout value to 3 seconds and describe tradeoffs

As discussed on the Evergreen Development mailing list, the higher the
AC timeout value, the greater the risk of a denial of service. 30 is
therefore too high to be comfortable as a default setting, so we're
dropping it down to 3 as a compromise between the original value of 1
(which resulted in a number of request timing out where added content
was actually available) and the much-less-safe 30.

In addition, we document inline the risk/reward of different values and
provide some justification for the default value that we chose, so that
Evergreen system administrators will have guidance when tweaking this
setting.

Signed-off-by: Dan Scott <dscott@laurentian.ca>
Signed-off-by: Mike Rylander <mrylander@gmail.com>