[9.18] chg: doc: Add a note on pregenerating keys

With `dnssec-policy` you can pregenerate keys and if they are eligible, rather than creating a new key, a key is selected from the pregenerated keys. A key is eligible if it is unused, i.e it has no key timing metadata set.

Backport of MR !10385

Merge branch 'backport-matthijs-clarify-pregenerating-keys-9.18' into 'bind-9.18'

See merge request isc-projects/bind9!10389