[hvdijk]

They don't. The comment was on labelling. There is nothing in the presentation of unsigned commits to indicate that they are unsigned. The presentation is indistinguishable from that of a hypothetical GitHub that never shows commit signatures, you need to have seen a signed commit on GitHub at some point to know that the absence of that Verified note is significant.

[jfrunyon]

Correct. Which is also how git works. And there is a very good, very simple, reason for why both work this way: very few users sign their commits, even fewer want to/care about signing their commits, and even fewer verify those signatures.