Comment 2 for bug 913629

I forgot to note, I also verified successful signing using the same exact steps as above but by selecting 'RSA' when creating the GPG key instead of DSA... in which case the resulting test package *is* signed as expected, verified by looking at the Signature field of 'rpm -qip' of the test package.