ClientTrustConfig is currently a private type, via sigstore._internal.trust. We should consider making it public, so that methods like Verifier.from_trust_config(...) can also be made public.

See: #1010 (comment)