fix(crypt): refresh keys from default keyserver if they miss origin

Add the possibility to provide a default keyserver from which to
refresh/download keys. The key refresh procedure now tries to
download keys from, in this order:
1. a default keyserver (keyserver_url), if specified.
2. the keyserver indicated as 'origin' in the key, if any.

Keys that could not be refreshed do no longer trigger an error,
instead, a warning is displayed.

Closes #5