This sounds all very good. In practice, the difference would unfortunately be only slight: Most packages have no signature, mainly the gnu packages do. But it would be useful for the cases where signatures exist, and show our commitment to security.
Andreas