The recently released skeema/knownhosts v1.3.0 introduced a HostKeyDB type that extends the HostKeyCallback functionality to support @cert-authority algorithms in its key HostKeyAlgorithms discovery functionality.

known_hosts files may contain lines with @cert-authority markers to represent a certificate instead of a key. If a git remote uses cert authorities as the preferred host identification mechanism, the functionality added in skeema/knownhosts v1.3.0 is needed so that go-git can interact with this remote and verify it.

This was previously implemented on #1157 and reverted on #1346 due to #1341.

We can re-add this to v5, provided that we have enough regression testing and affected users confirm the regression is no longer in place.

cc: @Javier-varez @evanelias