We should warn the user that the `search-sha1` command-line option is dangerous, due to SHA1 collision risk. In particular, if the user is issuing a command that increases the privileges of a certificate, and the creator of the certificate is malicious, the user might be inadvertently increasing the privileges of a completely different certificate too. The user should only use this option if one of the following is true:

- The requested operation does not increase the privileges of the specified certificate.
- The user fully trusts the creator of the specified certificate with whatever increased privileges are being requested.
(Side note: funnily enough, using the Name Constraints property is probably more secure than relying on the certificate's Name Constraints extension, because the extension is likely to be more vulnerable to CryptoAPI's SHA1 usage than the property is. Too bad Microsoft doesn't document the property. shrug)