I don't think performance is an issue. My alpha (F.ROOT-SERVERS.NET) is not
among the fastest machines Digital makes, but it can verify hundreds of PGP
signatures per second (assuming an even distribution of sizes from 1K to 10K.)
I also don't think random signatures are a problem. The right way to approach
this is that if a message submitter is not in the relay's web of trust -- which
means any NANOG member can "sign up" any new NANOG member -- then it dies on
the floor.
I think there are plenty of people here willing to donate the time and the
machinery for this, but the question remains: is MERIT willing to put it in
place and let the volunteers run it?