> is there any particular disadvantage or centralization of power implied in me signing this message with my PGP key?
IMHO none (except for the extra inconvenience of periodically typing in the [long!] passphrase and hitting an extra key).
> If not, is there any particular reason that I shouldn't do this all the time?
See above. :-)
> It's not a solution, but is there a downside?
It depends on what you mean by signing. Signing a message in and of itself ought not hurt anything modulo software bugs, etc. But the real question is what does the receiving program (MTA, MUA) do with that signature? At the very least it could verify the signature, but then what? If it doesn't verify do you drop it? (transitive trust comes into play, but most likely). Does it do anything beyond that?
1. IMHO if the sig doesn't verify - you drop the e-mail (just like if an IPsec packet comes with a corrupted MAC, you drop it).
2. Spammers might just generate a one-day PGP key, self-sign it, upload to a server - and voila! - for this day they're free to send.
So the trust will have to be established, only certain signatures be accepted, etc. This means - a closed list. I'd be OK with that, actually.
Let me ask something in return: do you think that just the act of signing mail -- with no trust roots implied -- could help? My sense is that it might in a sow-the-seeds kind of way for some later goodness (it's as you say not a solution). I too would be happy to hear downsides.
It might be good - but I think it will be ineffective in spam-war.