That's what they do in DKIM signing of emails. But if you want to go that route, there are easier solutions. For example, Github and Gitlab expose your SSH keys at a specific URL. You could use those (for ssh signing) if you trust the account. Another even easier method is to use something like cosign (sigstore) if you trust a PKI. Or you could use WebFinger to advertise signify keys or Web Key Directory (WKD) to expose OpenPGP keys, etc.