Support for signing tars and zips with detached signatures was added into SignTool: #16035. We should add verification for these detached signatures in SignCheck. SignCheck would need a way to accept additional signature info for these signed artifacts (signature file, public key)