Cached RRSIGs need to be more tightly bound to the covered RRset

It is currently possible for the RRSIG's to be deleted from the cache while the covered RRset remains (e.g. removed for space reasons). This causes problems for downstream validators as they won't get the RRSIGs returned along with RRset requested.

Provide a mechanism to tightly bind the RRSIGs to the covered RRset so that they can't be deleted separately. Perhaps adding methods

isc_result_t
dns_rdataset_addrrsigs(dns_rdataset_t *rdataset, dns_rdataset_t *sigrdataset);

isc_result_t
dns_rdataset_getrrsigs(dns_rdataset_t *rdataset, dns_rdataset_t *sigrdataset);

could be used attach and retrieve a RRSIG RRset to a non-RRSIG RRset. The cache would no longer maintain seperate RRSIG RRsets but return those bound to the covered RRset.