I've done more than the white list. I also did the Nintendo zone list. I'll edit the post until I experiment with TWL. But I have no clue why anybody would want to spoof TWL (it's probably just a bad example) or how changing the .CIA version would break more than is already broken. The files are not downloaded as a .CIA. 3DNUS packs them into a .CIA and doesn't use a valid signing key to do so.
There is no 'CIA version'! There's a CIA revision number to specify the version of CIA it is (always 0x0000, there's only one revision of the CIA format), but that's it. CIAs are not signed, because all of the content within them is. Essentially: If you can't install a CIA on stock NATIVE_FIRM, it will break on loading. You avoid the signing checks on CIAs by installing them through a modified FIRM, but that does not make them usable on stock sysnand. End of story. Please stop spreading misinformation.