I'd like to see the binaries signed with gpg, independent of any signatures required for various operating systems.
I can't imagine a worse scenario than the
bitcoin.org site being hacked and the binaries replaced with wallet-stealing code. All of the developers seem to have gpg keys, how hard can it be to provide a detached gpg signature for the binary?