Support Automatic Key Rotation via the Metastore #99
Description
This depends on #23
We should allow automatic rotation to be configured in the MetaStore such that an attempt to use an overly old key automatically (and silently) triggers creation of a new key. This will maintain the invariant that "No data is encrypted with a key older than $ROTATION_TIME." while not causing needless rotations when no encryption is occurring.