This is an interesting idea. Cross checking on multiple build mashines
with private signed email (containg the checksums of source and
binary, stripped away from machine specific data) send to the
signatories - this all makes it alot difficult for someone to crack.