MSC for DMs as the channel for SAS verification

It's been suggested that a lot of the E2E cross-signing etc. UX could be improved if all of the 'security events' (SAS-verifying another user, etc.) appeared in and were managed through DMs rather than to-device messages.

This issue is a placeholder to represent that thinking about the viability of this approach is a blocker to reaching final designs for the E2E UX generally.