bridge lines should be able to list ed keys rather than 1024-bit rsa fingerprint

In the beginning, Tor relays and then also bridges had 1024-bit rsa keys as their identities. When we invented the bridge line, we put a fingerprint of the identity key as one piece of it so clients can make sure they are really reaching the bridge they meant to reach.

Then we added an ed25519 identity key because 1024-bit rsa isn't so good anymore, and the reason it's ok to have both is that the consensus binds the two keys together for each relay.

But for bridges, because they aren't listed in a trusted consensus, there's nothing currently that reassures the client that the sha1-of-1024-bit-rsa on the bridge line "really" matches up to the ed25519 key that they learn when fetching the bridge descriptor from what they hope is the bridge.

We should design a way to say the ed25519 key or fingerprint on the bridge line, and eventually transition to preferring that safer approach.