Split CLI for managed and unmanaged trust anchor modes

Original interface with single -k option whose behavior depended on file permissions was confusing.

Closes #145 (closed): Added two separate command line argument for keyfile for managed and unmanaged mode. Removed setting based on folder and file permission.

Closes #168 (closed): Added makefile variable KEYFILE_DEFAULT to specify default keyfile, which is used when no other keyfile is specified. This is mainly useful for distributions which skip root keys.