sign snapshots and nightly builds with a low trust buildbot key

These should still be signed, even though a truly trusted key can't be used as there's no human involved in the process. With TLS alone, there's trust that every CA able to issue `org` certificates is not malicious/incompetent. It would be nice to have another way of verifying the authenticity of a snapshot, as we can with the release tarballs themselves.
