I committed a patch to make signed "the mandatory default", e.g., pkg_add
will no longer install unsigned packages without asking (interactive mode)
or without -Dunsigned.
The build infrastructure does add -Dunsigned during building, of course
(but not for FETCH_PACKAGES obviously), and the current package snapshots
for most relevant arches are now signed.
Not sure whether we'll keep that on by default for the release, but let's
try that...
("average" users don't build their own binary packages, and official
packages are signed anyways... manual use of -Dunsigned should be
exceptional)