Right now it's very well possible that a broken gpg-agent, an expired signing key, or a password forgotten to be typed in due time will make the FEATURES=sign moot, since the commit is completed _before_ the signing take place. To avoid this, it should probably be better to sign something _before_ commit, and fail if it didn't work properly.
It seems that we can start a gpg process with our PORTAGE_GPG_SIGNING_COMMAND and omit the ${FILE} argument. The process will load the key into memory, and wait for us to feed it the Manifest on stdin. So, if the gpg process doesn't exit before we are ready to commit, then that should be enough to validate that it's safe to commit. When ready to sign, we just feed the Manifest to stdin and read the signed Manifest from stdout. Thanks for the suggestion from here: http://article.gmane.org/gmane.linux.gentoo.devel/86418
*** Bug 360459 has been marked as a duplicate of this bug. ***
Since this is a CVS specific commit problem and we have moved on to a git based repository... I am going to close this