Implement the DNSSEC support in query
Only positive matches for now. This looks like someone already prepared for it, it only needs to passing the intent to few functions and everything handles itself well. Also updated tests, since the utility function gets confused by the RRSIGs. Not fixing the function for now, it looks complicated, because the problem is in it's design - if it happens to be just this one case, it will be easier.