support for signature verification using PGP-2 keys

It's not possible to verify signatures made with PGP-2 keys:

$ wget https://src.fedoraproject.org/rpms/tin/raw/rawhide/f/tin-pgp-key-0x5A49550EB490B4D1.txt
$ wget ftp://ftp.tin.org/pub/news/clients/tin/stable/tin-2.6.5.tar.xz.sign
$ wget ftp://ftp.tin.org/pub/news/clients/tin/stable/tin-2.6.5.tar.xz
$ sq verify --signer-file=./tin-pgp-key-0x5A49550EB490B4D1.txt --signature-file tin-2.6.5.tar.xz.sign

  Error: Failed to resolve --signer-file ./tin-pgp-key-0x5A49550EB490B4D1.txt
because: A cert from file ./tin-pgp-key-0x5A49550EB490B4D1.txt is bad
because: Unsupported Cert: Unsupported primary key: Malformed packet: unknown version

  Error: Failed to resolve certificates

It's still possible to verify using GnuPG 1.4.23:

$ gpg1 --homedir=/tmp/tmp.J9BC3pEgNt --pgp2 --yes --output=/tmp/tmp.J9BC3pEgNt/keyring.gpg --dearmor /builddir/build/SOURCES/tin-pgp-key-0x5A49550EB490B4D1.txt
$ gpg1 --homedir=/tmp/tmp.J9BC3pEgNt --pgp2 --verify --keyring=/tmp/tmp.J9BC3pEgNt/keyring.gpg /builddir/build/SOURCES/tin-2.6.5.tar.xz.sign /builddir/build/SOURCES/tin-2.6.5.tar.xz
gpg: keyring `/tmp/tmp.J9BC3pEgNt/pubring.gpg' created
gpg: Signature made Tue Dec 23 23:21:25 2025 UTC using RSA key ID B490B4D1
gpg: WARNING: digest algorithm MD5 is deprecated
gpg: please see https://gnupg.org/faq/weak-digest-algos.html for more information
gpg: /tmp/tmp.J9BC3pEgNt/trustdb.gpg: trustdb created
gpg: Good signature from "Urs Janssen <urs@mitdemeinkaufswagennachhausebringenlassenunddosenbiertrinken.de>"
gpg:                 aka "Urs Janssen <urs@ka.nu>"
gpg:                 aka "Urs Janssen <urs@pop.de>"
gpg:                 aka "Urs Janssen <urs@akk.org>"
gpg:                 aka "Urs Janssen <urs@tin.org>"
gpg:                 aka "Urs Janssen <urs@akk.info>"
gpg:                 aka "Urs Janssen <urs@argh.net>"
gpg:                 aka "Urs Janssen <urs@usenet.de>"
gpg:                 aka "Urs Janssen <urs@arbeitsen.de>"
gpg:                 aka "Urs Janssen <urs@karlsruhe.org>"
gpg:                 aka "Urs Janssen <urs@akk.uni-karlsruhe.de>"
gpg:                 aka "Urs Janssen <urs@druecke.strg-alt-entf.org>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 34 4E 0E F3 47 90 75 9A  87 E3 03 DE 6D BC 4E 51