Description
Follow up to bitcoin/bitcoin#16223. It was mentioned in that PR that we could do some additional checking for signed ACKs, and verifying signatures:
laanwj: This could also check "signed ACKs" (and say, mark them specially, if they match the expected key for the user) if we're going there in the future.
instagibbs: laanwj I was going to suggest that as a stretch goal, so concept ACK that. Would be nice to see local pgp sigs validated.
marcoFalke: Ideally, the signature would be preserved, so that a user could verify them at a later point in time. Though, having the maintainer verify them and include the result is already helpful.
We might have to come up with a serialization of the signatures into the merge commit body. Maybe petertodd has some tips on this.
Moved this issue over from bitcoin/bitcoin#16280.