Implement backend-agnostic caching

[gnarea]

Describe the problem

Since we don't currently support any form of caching, anyone who needs it would have to roll out their own mechanism, which is already a bit complex with vanilla DNS but extremely complex with DNSSEC.

Describe the solution you'd like

We could create something (e.g., a function, a class) that wraps the resolver passed, and skips querying records already in the cache.

This should ideally be agnostic of the underlying backend/storage, but we should provide an in-memory one in this library. We'll probably want to use one backed by Redis in the Vera CA server, for example, in which case we'd implement it in a separate NPM package.

Additional context

Relevant RFCs

There may be more relevant RFCs, but here's what I found after a cursory check:

RFC 4033

Excerpt from Section 6:

A security-aware resolver should take a signature's validation period
into consideration when determining the TTL of data in its cache, to
avoid caching signed data beyond the validity period of the
signature. However, it should also allow for the possibility that
the security-aware resolver's own clock is wrong. Thus, a
security-aware resolver that is part of a security-aware recursive
name server will have to pay careful attention to the DNSSEC
"checking disabled" (CD) bit ([RFC4034]). This is in order to avoid
blocking valid signatures from getting through to other
security-aware resolvers that are clients of this recursive name
server. See [RFC4035] for how a secure recursive server handles
queries with the CD bit set.

See also Section 8.1

RFC 4034

Sections 3.1.4 and 3.1.5. Also Section 4, when we eventually support DoE records (see #17).

RFC 4035

Sections 4.5, 4.7 and 5.5.

RFC 5155

Section 9.1, when we eventually support DoE records (see #17).