mark salt as ignored in jessie

Older version of stack don't have master signature verification code at
all, so there is no expectation this would be secure in the first place.

Also clarify that both the patch that enforces signing and the patch
that disables the check by default are necessary.