Require signatures from each signing-capable subkey

In general, if a certificate has multiple signing-capable subkeys, we want to sign with all of them.

See the discussion around multiple signing at https://mailarchive.ietf.org/arch/msg/openpgp/SZtmih-cXHdnFB5c-GM83ncXyfE for context.