All APKs will require a signed developer certificate.
I doubt they will be signing keys for developers who circumvent Google's services, or that violate their ToS.
They're copying this scheme from Apple in Europe, when it was forced to allow other app stores.
In that case, Apple revoked certificates for apps it didn't like, such as P2P/torrents. Mind you, these were NOT apps that were not hosted on Apple's App Store.
All APKs will need a valid Google developer signature.
Doesn't matter if it's installed from GitHub or F-Droid, no signature, no installation.