Improve default key management experience

[trishankatdatadog]

• [x] Push snapshot key, just like timestamp, to Notary server.
• [x] Reuse targets key, just like root, across bundle repositories.
• ~[ ] Delegate all bundles from targets totargets/releases` for better security posture.~

[trishankatdatadog]

The only comment I have is that this PR does diverge from the Docker CLI behaviour in a way we agree is helpful. However, there might be scenarios where users might actively want to have different pairs of root and targets keys for different bundles, scenario that is not covered by this PR.

I don't think we should hold up this PR because of it, but it would be fantastic if users / implementors could have this choice.

Agreed. I will file an issue to allow users to use different pairs of root and targets keys.

Also, before merging, could you please clean-up the commits so we have a clean commit history?

Sorry, could you clarify this?

[radu-matei]

I mean that there are a few commits in this PR that, if they ended up in the main branch commit history, wouldn't add that much, but significantly pollute the overall history.

So ideally, you would squash some commits and only keep the logical commits that make sense. (And maybe rewrite their commit messages.)

(It is a sensible middle ground between squashing all commits into one, and keeping all of them),

[trishankatdatadog]

Squashed commits! Hopefully much cleaner.

[radu-matei]

This is excellent, thank you so much!