update system tests so validation won't fail when using IANA key
- all tests with "recursion yes" now also specify "dnssec-validation yes", and all tests with "recursion no" also specify "dnssec-validation no". this must be maintained in all new tests, or else validation will fail when we use local root zones for testing. - clean.sh has been modified where necessary to remove managed-keys.bind and viewname.mkeys files.