by woodruffw
1284 days ago
You could probably use Sigstore[1] for this: it's a free, publicly run CA and transparency log that ties signatures to OIDC identities, meaning that verifying a signature doesn't require maintaining a long-term keychain -- you can simply ask whether the input was signed with the same email identity that mailed it. The project is currently more focused on software signing, but it's generic over any input under the hood.

The bigger challenge here would probably be mucking with whatever signature envelope PDFs use, and ensuring that existing PDF verification tooling can consume Sigstore signatures.

FD: I'm involved in the Sigstore project.

[1]: https://www.sigstore.dev/