Implement method to verify signing keys from other forges

Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.

• Close this issue

Originally discussed in !149860 (comment 1867618022)

Problem to Solve

When customers migrate from other forges commits on those can be signed by system keys. When those commits are then moved to GitLab, they'll still be signed, but they'll no longer show up as verified.

Proposal

It would be good to verify the authenticity of these commits by using the publicly available key from other forges.