remove /etc/bind.keys

bind.keys was used for the root key because we were concerned about people setting up DNSSEC on old servers that didn't have the current key built in. Nowadays, 1) DNSSEC is on by default, so old servers probably wouldn't be having DNSSEC turned on for the first time; 2) with packages, there are fewer outdated servers running; 3) the root key rollover cadence is quite slow. So it's safe to get rid of bind.keys and rely on the built-in key from now on.