But I won't even have that problem. I may simply choose not to sign badly coded modules. And that's the end of it. No chance to distribute your module if it's not signed even if I have no direct control over the distribution system. Signed data can take care of itself. I don't know if that's a good or bad thing depending on how picky the holder of the key is, but you can't deny it's really cool from a technical standpoint.
Technically it is very interesting, but I think you're trying to solve a problem that doesn't exist.
If the addon authors are required to submit code to you for review and signing, then this isn't any more convenient than uploading to an addon site.