Key Management for package encryption

[selfcommit]

This issue is being presented as an opportunity for the Github community to make any further suggestions about implementation before an attempt is made to implement a solution.

Work will start on or about July 13

Details from the Simian feature request doc are below:

Problem:
Crypto signing manifests, catalogs and packages is a desirable but not currently implemented feature.

On a static munki server, the admin has access to their own server and likely trusts the hardware, and it likely may be on customer premises.

Simian is auto generating manifests, auto concat'ing catalogs, etc, there becomes a question of not only where to store both public and private keys, but also how to design the {client,cloud,admin} workflow such that an org running Simian can earn real increased certainty that their fleet only runs legit pkgs.

Solution:
Develop a method of key management that is effective in a cloud computing environment (such as Appengine)