YubiKeys can be configured with a touch policy that requires the user to physically touch the device before it responds to a request. There is very little feedback to the user while it's waiting, other than a small and easily overlooked blinking LED on the YubiKey.

This patch adds a prompt using pinentry, using existing codepaths, to display a "Push ACK button on card/token" message while waiting for the YubiKey.

Since the touch policy in YubiKey is a configurable option within the device, and not all users will enable it, I made this prompt similarly opt-in via configuration in scdaemon.conf.

Test that the prompt works:

1. Configure a YubiKey with "fixed" touch policy for signing, authenticating, and encrypting:
   • ykman openpgp keys set-touch sig fixed
   • ykman openpgp keys set-touch aut fixed
   • ykman openpgp keys set-touch enc fixed
2. Set up the YubiKey as a smartcard in GPG for signing, authenticating, and encrypting.
3. Enable the ack prompt in ~/.gnupg/scdaemon.conf:
   • echo ack-prompt >> ~/.gnupg/scdaemon.conf
4. Perform signing, authenticating, and encrypting operations using the YubiKey.
5. The user should be prompted while the YubiKey is waiting for touch confirmation.

Test that there is no prompt when not configured:

1. Remove the ack-prompt configuration from ~/.gnupg/scdaemon.conf
2. Repeat the above signing, authenticating, encrypting operations.
3. This time, the user should _not_ be prompted.