Request that downloads be verified, with GnuPG when available.

Hello,

Many packages are downloaded in an insecure manner and left unverified. I would appreciate signature verification if it is not too cumbersome to add. Inasmuch as there are users of this script, such an addition would benefit those users.

I may be able to submit a pull request if I have time, but my immediate interest is, hopefully, being able to take the proper configuration this project describes and add that to crossdev, which integrates with portage and has signature verification for downloaded packages.