Don't show the option to sign revoked subkeys
I can't think of a reason someone would want to sign a revoked subkey, so the option to sign them shouldn't be shown in the CLI or GUI interfaces.
Possibly the same should apply to expired keys.
To upload designs, you'll need to enable LFS and have admin enable hashed storage. More information