This works, but is unfortunately affected by an issue in ruby-gpgme where it incorrectly reports that all subkeys have every capability (I just filed https://github.com/ueno/ruby-gpgme/issues/76 for this). This will not cause any breakage. It just means that until the ruby-gpgme issue is fixed, the identity comparison will compare the fingerprint of the key that generated the signature (s.fpr) against every subkey, instead of just the subkeys that have the sign capability, because ruby-gpgme currently incorrectly reports that every subkey has every capability.
Since GPG will only generate signatures from signing subkeys, I do not believe this will cause any problems in practice.
Fixes #11.
This works, but is unfortunately affected by an issue in
ruby-gpgmewhere it incorrectly reports that all subkeys have every capability (I just filed https://github.com/ueno/ruby-gpgme/issues/76 for this). This will not cause any breakage. It just means that until the ruby-gpgme issue is fixed, the identity comparison will compare the fingerprint of the key that generated the signature (s.fpr) against every subkey, instead of just the subkeys that have the sign capability, becauseruby-gpgmecurrently incorrectly reports that every subkey has every capability.Since GPG will only generate signatures from signing subkeys, I do not believe this will cause any problems in practice.