Add design for split source+binary upload signing

Colin Watsonrequested to merge
cjwatson/debusine:design-split-source-binary-signing into devel

Part of #944 (closed).

/cc @hertzog

Merge request reports