A huge swath of clean-up has just hit the trees. Most specifically, now that it works, the "signing-only" code has been moved into a separate "pkg_sign" command.
This is partly for documentation purpose: it's much simpler to document the parameters to that command separately, instead of as additions to pkg_create(1) proper. pkg_create(1) still retains the ability to create signed packages on the fly, if people want to create their own signed packages (not recommanded for really paranoid people, since the build process can be "dirty"), but signing existing packages is really a mostly independent process (the only common part is signing packing-lists) so it makes more sense as a separate command.