Remove the signing workflow for backfill attestation checks

[josephsweeney]

• [x] Have you followed the guidelines in our Contributing document?
• [x] Have you checked to ensure there aren't other open Pull Requests for the same change?
• [x] Have you added an explanation of what your changes do and why you'd like us to include them?
• [x] Have you written new tests for your changes? Here's an example.
• [x] Have you successfully run brew style with your changes locally?
• [x] Have you successfully run brew typecheck with your changes locally?
• [x] Have you successfully run brew tests with your changes locally?

---

Some backfilled bottle signatures were signed from different branches of trailofbits/homebrew-brew-verify, so the signing workflow is slightly different which causes some bottles to incorrectly fail when checking their attestation (apr for current example of a broken bottle). The simplest way to solve this is just removing the backfill repo cert-identity check and just rely on the repository and attestation date falling before our cutoff. This shouldn't meaningfully affect security because if somehow someone could generate false backfill attestations from a different workflow (the only case this protects against), we will still catch it because the attestation would have been generated after our cutoff date.

[josephsweeney]

Just tagging @woodruffw so he can chime in if need be.

[woodruffw]

Thanks @josephsweeney!

To summarize: this does not remove the backfill verification check, but instead removes an (incorrect) overly strict scope on which refs are considered valid signing identities for backfilled signatures. This should not affect the backfill's security at all, since the cutoff date remains unchanged.

[MikeMcQuaid]

Thanks @josephsweeney and others for review!