Apt has support for authentication for private APT repository servers.
I was wondering if I were to build such (or similar) functionality for rosdep, would this be something that the maintainers accept in a pull request or is this something that is beyond the scope of OSRF/rosdep?

AFAIK only authentication for proxies is supported which is different from what APT offers.