Right know we only planned to sign the repo database, so we can trust
the sah256 of the packages stored in the database. Then if the package
has the same sha256 as the one in the repo database it is considered
If we want a per-package signing, we would have a tarball in a tarball.
I really expected this to have been mentioned already, but this approach (tarball in a tarball) is taken by Debian packages, and I don't remember hearing of any issues related to it. I don't think it's worth discounting from the start without giving some considerationg, but I will defer to the people actually doing the work.
If you use libarchive-style streaming, it's even
pretty straightforward to read and extract such
things without having to create a bunch of