Comment 18 for bug 910708

There is also an intermediate solution:

     Make the functionality to verify signatures using --verify "opt-in" rather than "opt-out"
     (as currently implemented) using --nosignatures.

There's no reason to "dog food" all users with code that is segfaulting where the
priorities get skewed towards MUSTFIX and BLOCKER artificially.

The final behavior WILL be "opt-out" with an explicit --nosignatures disabler. What
is making the issue critical is that most developers are unprepared to add explicit disablers.