Exit relay lifecycle

As we have a lifecycle for new non-exit relays, we should think about creating a similar process for new exit relays.

For example, in the first phase, the new relay wouldn't exit any user traffic, and the relay would be used as Middle/Guard node. Then, in a second phase, we would scan the new exit to test their DNS resolution, bandwidth capacity, and they would exit some user traffic. Finally, they would receive the exit flag and operate in full capacity. I believe if this process takes one month or 45 days, that would give a good time frame to detect some attackers. The exit relay lifecycle would increase the quality of trusted exits by raising the bar for bad relays; it would make bad relays operations slower and more expensive.