Anyone out there at GitHub: could you please add support for adding an SSH CA key to a repo and then enforcing that commits be signed with a certificate signed by that CA? This is already supported in git, and would let orgs just upload their CA and enforce signatures without needing to manage keys for individual users.
@mjg59
How does that support in git handle expiry?
@robryk what do you mean?