> Uh, how silly. Either you trust someone with the whole tree or you don't
> trust them at all.

Why not build something around a "web of trust" with pgp signatures? Have an  
open tree where people could submit anything that passed autotests. All  
submisions would be signed. Signed content could only get updated buy user  
with same signature or dev with higher trust for that area.

The choice of trust-level is then up to the sys-admin.

This idea is a bit rough, but I think it could be intresting to build on.

/John