This commit adds a second GnuPG key and signature verification info
We add Sebastian's GnuPG key, move Erinn's key into a sub directory,
add a README to explain Tor's signature verification process, and
we include both keys in the Python setup.py. We use both keys in the
key ring to verify the signature.
In the future, we probably also consider depending on the
package 'deb.torproject.org-keyring' from deb.torproject.org or
including the keys included in that package.