etc/: add the fresh DNSSEC root key "KSK-2024" already
The key still won't be used for some time, two years maybe, but I think it's better to preemptively trust it already. (outdated machines, etc.)
Some evidence that it's not just a hash of my private key:
Edited by Vladimír Čunát