Add initial design for signing service

This will give us a system that can be driven by tasks in a workflow to produce signed source packages from unsigned binary packages. It is inspired by both Debian's current code-signing and Ubuntu's lp-signing, although it is a new design that relies on other aspects of debusine.

This is my second attempt at a design for this feature, superseding !492 (closed). A few things I want to highlight as particularly needing attention:

• Is the task/artifact assembly I've suggested here reasonable?
• What do people think of the signing key management approach proposed here? There wasn't full consensus on this in !492 (closed), but the context is different now that we're going for our own signing service linked more closely to debusine.

Fixes: #272 (closed)