Dpkg::Source::Package::V2: Allow detached upstream signatures

Upstream tarballs usually come with detached signatures, which would be
useful to have in the source package, as an additional check that could
be performed to verify its integrity and provenance.

For now just allow the detached signatures to be listed in the file
fields in the source control file (.dsc).

Closes: #759478


Suggested-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>