This was supposed to be an email only to Pacho, unfortunately I didn't check the "to" line and sent it to the list.
But since it has gone to the list - it would be useful to have an automatic tool scanning for unsigned or incorrectly signed Manifests and maybe listing them in https://qa-reports.gentoo.org/ to let devs know that their gnupg setup isn't working. (It would have been useful for me on a few occasions where I was signing with an expired key.)
signature.asc
Description: This is a digitally signed message part
