I've now tested the brand-new signature(DF[,DS]) = [PK:]FP functionality
that Jeff the last two days busily developed.

In short: great! Jeff, very well done!

You have my compliment as you did a phantastic job and certainly made an
after-Christmas gift to the RPM world with this feature.

I've now tested it this way:

| [...]
| Source1:      test
| Source2:      test.sig
| Source3:      test.asc
| Source4:      pubkey
| [...]
| BuildPreReq:  gnupg(%{SOURCE3}) = 4E23E878D41A0A88EDFCFA5A6E744ACBA9C09E30
| BuildPreReq:  signature(%{SOURCE3}) = 4E23E878D41A0A88EDFCFA5A6E744ACBA9C09E30
| BuildPreReq:  signature(%{SOURCE3}) = %{SOURCE4}:4E23E878D41A0A88EDFCFA5A6E744ACBA9C09E30
| BuildPreReq:  signature(%{SOURCE1}:%{SOURCE2}) = %{SOURCE4}:4E23E878D41A0A88EDFCFA5A6E744ACBA9C09E30
| [...]

The "test" is the plaintext file, "test.sig" is the detached
signature variant, "test.asc" is the cleartext signed variant and
"pubkey" is the public key.

Except for the "signature(%{SOURCE3}) =
4E23E878D41A0A88EDFCFA5A6E744ACBA9C09E30" all works just
fine and as expected. The failing "signature(%{SOURCE3}) =
4E23E878D41A0A88EDFCFA5A6E744ACBA9C09E30" I guess is just related to
this RSA-key-lookup issue you already mentioned, because I've done an
"rpm --import pubkey" but this seems to be not looked up correctly. Not
a problem at this point. Really can be fixed when time permits.

But everything else seems to work just fine and really as expected --
especially if one manipulates the data file, the signature file, the
pubkey or the fingerprint, etc ;-) And as signature(...) functionality
is now a fully built-in functionality of RPM I'm really happy...

So, I just can say it once again: very well done, Jeff! Thank you for this.

                                       Ralf S. Engelschall
                                       rse@engelschall.com
                                       www.engelschall.com