David Bremner <david@tethera.net> writes:

> Have an empty list of signatures is not the nicest mechanism to signal
> complete failure to verify, but it's the one we currently have.

merged patches 4,5,6, 8&9 to master.

I'm nerving myself up to push 7 (it's a bit traumatic to see BROKEN
messages from crypto tests), and I think I'll skip 10 for now.

d