> I think the current system is already overkill so adding the benefit of adding second location is negligible
the hash is worthless anyway without two signatures
> It would not add any security. If one maintainer gets fully compromised than they could replace both text files.
That’s why we added the second signature, two maintainers getting fully compromised is rather unlikely.