DigSig only checks the signature is validated, but this
is a bit quick. We should also check that:
- the signer key ID referenced in the signature
corresponds to our key
- check that the signature is an OpenPGP signature
packet (leading 0x89)
- check that algorithms referenced in the signature are
RSA & SHA-1.