Detect insane dnssec-policies
named-checkconf should warn if a crazy policy is configured. This is a twofold piece of work:
- Determine what are crazy policies (multiple keys with same role and algorithm, very short key lifetime, ...).
- Implement the checks.