Add "insecure" opt-in for Trustee AS/KBS token signing/verification

[mythi]

Describe the bug

Triggered by #483.

It seems it's rather easy to create an insecure environment with the default configs where AS token signer material and/or KBS tokenverifier ‎trusted_certs_paths are not set.

The proposal is to add an "insecure" opt-in similar to how the existing insecure_* switches work to at least in the tokenverifier to fail tokens if the opt-in is not enabled.

How to reproduce

Run Trustee KBS with one of the default kbs/config/*.toml without trusted_certs_paths. With that, the following takes place

trustee/kbs/src/token/coco.rs

Lines 93 to 96 in 5c973bd

	let Some(trusted_store) = &self.trusted_certs else {
	log::warn!("No Trusted Certificate in Config, skip verification of JWK cert of Attestation Token");
	return Ok(serde_json::to_string(&claims_value)?);
	};

CoCo version information

trustee v0.9.0

What TEE are you seeing the problem on

None

Failing command and relevant log output

N/A