Re: They missed a trick
Anything that involves a translation means things can get LOST in translation, especially if a system is heavily used. START with an ASCII log, THEN work from there on an AUXILIARY basis. Until you can prove yourself able to dig through a mangled journal on a crashed drive using a raw sector editor (because the system you're using for the post-mortem may not even be a Linux machine, so forget about one that groks a binary log to say nothing of an extended filesystem), don't even get started.
Why MUST the log be binary for forward-secure sealing? Why not encode a TEXT log and append the Hex-encoded hash to the log? You get your signature AND maintain an ASCII log that can still be read in the event of a disaster. It's nothing more than a blockchain, and you don't need to use binary formats to create a blockchain.
As for enclosing those utilities, remember the old Microsoft mantra? The three E's? Embrace, Extend, and Extinguish. This seems like a blatant attempt to usurp baseline utilities and take over their control so that no one else can keep up? Look at what happened to udev, which was working pretty well all by itself. Between it and the existing init systems, you'd be well on your way to solving most of the existing problems with dynamic hardware, containerization, and so on while still keeping things distinct.
And what about Bug #5644? In any other circles, this would be a Drop Everything because it breaks a cardinal rule of Linux (Don't allow easy tampering of the root). Here it's a WONTFIX. And not because it's a non-issue, because no real reason is given for ignoring the issue. Where I come from, we call that "taking the ball out of spite" and consider this a sign the project is Not Ready for Prime Time and the head to be blackballed.
Frankly, if they could demonstrate one clear and present need that systemd AND ONLY systemd solves by its particular methodology, we'd probably pay at least some attention to it. But until then...