
Re-land #267 + #269 + #268 (now that STONITH is gone) #272

Merged
posix4e merged 3 commits into main from reland/features-no-stonith
May 30, 2026


Member

@posix4e posix4e commented May 30, 2026

Re-applies the three features that were backed out in #270, now that the actual cause of the failed deploys — the STONITH tunnel hand-off churn — has been removed (#271).

Re-landed:

  • #267 Serve noise.ita_token so clients verify attestation without minting
  • #269 Pin enclave measurement (MRTD/TCB), observe-only
  • #268 Encrypt session history end-to-end to paired device keys

Verification: git diff 2fcab1f HEAD (pre-revert tip vs this branch) is only the STONITH removal (cp.rs + stonith.rs) — i.e. this is exactly "the features, minus STONITH". kill_old_tunnels/self_watchdog stay removed. clippy clean, 82 tests pass.

🤖 Generated with Claude Code

@posix4e posix4e merged commit 04bf6ca into main May 30, 2026
1 check passed
@github-actions

DD preview ready

URL: https://pr-272.devopsdefender.com

Browser login: visit https://pr-272.devopsdefender.com — DD redirects you to
the GitHub App auth broker. A DD session cookie scoped
to .devopsdefender.com lets the preview, fleet, and
shell hosts share the same login.

Machine-to-machine: GitHub Actions workflows in the
DD_OWNER org pass their per-job OIDC JWT as
Authorization: Bearer … (audience dd-agent).

Register endpoint for a local agent: https://pr-272.devopsdefender.com/register
(authenticated by ITA attestation).

@posix4e posix4e deleted the reland/features-no-stonith branch May 31, 2026 11:27