1. I accept there's a requirement for a second level of verification on the signature, but I can't see how that's avoided in any scenario (that is, the signing is orthogonal to the verification).
2. That's the point though. The person doing the commit takes responsibility. The individual commits are still there before the merge (including signatures), so there's no loss of responsibility or credit before the merge.
2. That's the point though. The person doing the commit takes responsibility. The individual commits are still there before the merge (including signatures), so there's no loss of responsibility or credit before the merge.