Support for HSMs for CA key storage.
I mentioned a few design options in the RFD, but wrote the rest of it
based on my preferred option. It's not set in stone, so speak up if you
think the high-level approach is wrong.
Most of the complexity lies in backend storage and CA rotation. Actually
talking to HSMs over PKCS#11 is relatively simple.