> I wonder if it was possible to make the signature part of the +-files, and
> if present do the sigature checking?  Just like what we do for +MESSAGE
> files etc.

It would make verifying the signature a bit messy, since the signature
obviously couldn't cover the +SIGNATURE file; you'd have to be able to
reconstruct the tarball as it was without the +SIGNATURE.

An alternate approach would be to double-wrap things -- have a tarball
containing the package tarball and a +SIGNATURE file, and then unwrap
the inner tarball if the signature verifies.