sign MLBF kinto attachments

[eviljeff]

for MLBF attachments (#13616) to be trusted we need to sign them and include the signature in the kinto record submission.

[eviljeff]

https://bugzilla.mozilla.org/show_bug.cgi?id=1621615 for the autograph bug

[eviljeff]

On the back of a recent meeting the current thinking is that signing the bloomfilter is ineffective against the kinds of attacks we'd want to prevent so closing this for now 😞