Implement method to verify signing keys from other forges
Originally discussed in !149860 (comment 1867618022)
Problem to Solve
When customers migrate from other forges commits on those can be signed by system keys. When those commits are then moved to GitLab, they'll still be signed, but they'll no longer show up as verified.
Proposal
It would be good to verify the authenticity of these commits by using the publicly available key from other forges.