The TUF folks posted an end-to-end security proposal for PyPI. We'll almost certainly adopt it in one form or another, the only question is when.
Given the challenges of working on the legacy PyPI code base (it has next to no automated tests, making it incredibly fragile), it will be some time after Warehouse reaches a sufficient level of maturity that the PyPI maintainers swap it in as the production PyPI implementation.