Description
Right now we support a verify option during signing, but not a completely separate verification mode (i.e., where the inputs are verification materials, and all the action does is verify them).
I think this would be useful to have -- it'd help drive "low-effort" adoption of Sigstore signatures, and could be used to write "beacon"-style automated validators for various ecosystems (e.g., ensuring that every CPython release has a valid signature).
cc @tetsuo-cpp and @di for thoughts.