Only revoke weak RSA keys now, add 'next' and 'future' levels
This implements a couple of bits:
- Adding an audit level to the download methods so they can issue audit messages
- Introducing a LaterWorthless level that is like SoonWorthless but issues audit messages
- A new function with test cases that checks a public key string against an assertion list
- New future and next levels that issue audit or warning levels for keys not allowed in them.
This allows us to revoke <rsa2048 now, have warnings for uncommon keys like Brainpool, and issue only audit messages for NIST keys (and RSA3072).
Fixes: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/2073126
Edited by Julian Andres Klode