RFC: Optional cryptographic identity layer for gitagent manifests #73

Open
aeoess wants to merge 1 commit into open-gitagent:main from aeoess:rfc-identity

aeoess commented May 5, 2026

Closes #70. Adds spec/rfcs/identity.md per @shreyas-lyzr's review on the proposal thread.

Three asks from #70 addressed:

  • Revocation discussion (Section 5): required JSON shape, 24-hour cap on cache age, cascade semantics. Tight enough that two implementations resolving the same passport_uri reach the same answer.
  • Two-deep delegation example (Section 4): research-agent → trading-child with the full canonical-bytes verification flow.
  • Non-goals (Section 6): wire format of signed outputs, mandatory adoption, PKI infrastructure, runtime enforcement details, quantum-resistant variants, sub-agent topology.

Plus the structural points from the response:

  • Provenance vs. runtime delegation split (Section 2): keeps the two concerns clean.
  • identity block inside agent.yaml, not a separate file (Section 3).
  • Verification semantics in the spec, enforcement in the runtime (Section 3, end).
  • Naming: identity.public_key, identity.key_fingerprint, identity.passport_uri, identity.signatures.<scope>.
  • Cross-walk to Agent Passport System (Section 7) as one reference implementation. APS doesn't lock the spec; the table maps agent.yaml.identity.* to APS primitives so a thin (~30-line) adapter satisfies Section 5 against any APS endpoint.

The identity block is additive and optional. Existing agent.yaml files validate against the v0.1.x schema unchanged.

Open questions deferred to future RFCs (Section 8): multi-signature thresholds, agent-to-tool delegation, cross-repo parent resolution, conformance test vectors.

cc @shreyas-lyzr

…ifests

Closes open-gitagent#70 (proposal). Adds spec/rfcs/identity.md per shreyas-lyzr's review.

- Optional identity block in agent.yaml (public_key, key_fingerprint, passport_uri, signatures)
- Verification semantics in spec, enforcement in runtime
- Two-deep delegation example with parent-signs-child manifest flow
- Revocation behavior tight enough to keep two implementations from diverging
- Non-goals section bounding scope
- Cross-walk to Agent Passport System as one reference impl

Backwards compatible: existing agent.yaml files validate unchanged.

Development

Successfully merging this pull request may close these issues.

Optional: cryptographic identity layer for gitagent manifests (proposal)
