Local caching may be worth sorting out here, and might touch on the OTA-912 filesystem structure and OTA- if folks don't just hold these in memory. Just-in-time signature fetching could work too, if we wanted to punt caching out to OTA-913.

When we address caching, we'll want to think through what to do about the possibility of multiple signatures.  Release images only get a single signature today, but additional signatures are theoretically possible and would fit into signature-2, etc.  Do we grow a Cincinnati-config knob that says "don't bother trying to fetch more than one signature for a particular digest"?  Do we hard-code the one-signature policy?  Do we allow multiple signatures but cache "I checked upstream for a 2nd signature for that digest within the past day" and then 404 anyone requesting that signature-2?  Other?

Definition of Done: 

• cincinnati is able to cache the release signatures.