Don't use 'dnssec-signzone -P' unless necessary

Most of the test zones in the dnssec system test can be verified.
Use -z when only a single key is being used so that the verifier
knows that only a single key is in use.

bin/tests/system/dnssec/ns6/sign.sh

@@ -24,4 +24,4 @@ keyname=$("$KEYGEN" -q -a "$DEFAULT_ALGORITHM" -b "$DEFAULT_BITS" -n zone "$zone
 
 cat "$infile" "$keyname.key" > "$zonefile"
 
-"$SIGNER" -P -3 - -A -o "$zone" "$zonefile" > /dev/null 2>&1
+"$SIGNER" -z -3 - -A -o "$zone" "$zonefile" > /dev/null 2>&1