More robust UDF signing
#19664 (closed) happened because of glitches in the RM process. if you have two trusted machines, and you generate UDF on one, commit (ie: c7328ed8), then pull&&sign on the other.
The current code will not sign the UDFs, because they're not new to git. It would sign them if I manually rsync'ed the UDFs, but that's not what I did.