I think people are missing an important concept here (I might have missed it somewhere)......Key signing can be a security threat.
Key signing can be a security threat. Of course what is a 'threat' or not depends on your threat model. If you are running a server for a corporation, yeah, I can see how anonymity could be low priority (no way you are going to 'hide' Google or Amazon.com inside of the darknet). However if you are an end user, perhaps some kind of 'hacktivist', leaving your 'web of trust' all over the internet is F--KING STUPID!
Using key encryption is a poor way to protect your anonymity. Actually, its like pouring gasoline on a fire to put it out. It does the OPPOSITE. It might offer some degree of encryption to protect your communication from your ISP or anyone without the right key, but other software can do that BETTER. Yes, better. What you sacrifice for your encryption is leaving your fingerprint that can be tied back to you. It makes a web that identifies you more than any cross-site cookie ever could. It tells the world every single thing about what you have been up to and where, in regard to things you signed off on. Every download, every extension, every app downloaded in your repo.....It tells the world about the person using your computer, you.
So really it depends on your threat model. I hack my apps anyway, and examine their config settings. I like setting my own dependencies rather than having Ubuntu tell me I need DNSMasq installed by default broadcasting my 'localhost' to the outside world after an update....I try to remove it and it breaks my network manager....Just terrible. I like the flexibility of arch.
I am coming from Chakra, but I realized I do not like KDE. So I might go with Liquid Lemur as a starting point, or I might try my hand at a clean install of Arch-Linux.
All this talk about how they do not use signing has CONVINCED me to use Arch again, after considering Gentoo/Sabayon. I am not somebody who wants to string a big 'web of trust' around the net when I am trying to protect my identity instead.