limit more keys to the exponent we specify
In 987190c2bc1 we started to require that certain keys have a public exponent 65537.
In particular, it looks like we covered the onion (circuit handshake) key, the onion (handshake) key for intro circuits, and the intro point service key.
A fellow on irc named 'signing_key' points out that we left out K_SIGNING_KEY. He noted that if we had enforced the exponent on that key in the past, CVE-2011-0427 might not have been so bad.
He also points out that we left out the onion key in the microdescriptor. The authorities will refuse the normal descriptor, so it is implicitly filtered now, but if we want it to be filtered we should do it clearly.