Arch have only recently adopted package signing to pacman, and while Gentoo have had package signing for some time (I understand), many package developers don't bother to sign their packages.

My questions are, for a desktop user like me who's only looking to learn more stuff about Linux and not fill my drive with countless programs:

1. Is package signing that big of a deal if I only use packages that I know are signed?
2. Don't pacman and portage allow one to see whether a package is signed?
3. And what about dependencies? Won't it defeat the purpose of package signing if a package manager installs loads of unsigned dependencies?
4. Won't every package have to be signed or none?

IMHO package signing has nothing to do with what purpose you use Linux for. Signing is an assurance the package you use has been approved for release (accountability) by a certain publisher (reputation) and has not been tampered with (integrity). Partial package signing obviously doesn't prove anything wrt unsigned components but at least it's not as worthless as relying on package hashes. That doesn't prove or guarantee anything at all. In terms of accountability and integrity verification it indeed would be the best if every package gets signed.