This dir contains a sample package, the dpkg-sig tempdir (still named
debsigs-ng.XXXXXX) and the generated files.

What happened:
sample$ dpkg-buildpackage -rfakeroot -uc -us
[...]
sample$ cd ..
examples$ dpkg-sig --sign-changes full --sign builder dpkg-sig-example_0.1_i386.changes
[...]

The used dpkg-sig version was slightly modified 'cause i wanted the
temp files available in the example.

Let's see what dpkg-sig did with the .changes file... It was parsed to
get the binaries (== .debs) to sign.
The next step was to get the md5sums of all existing archive members, 
which were written to debsigs-ng.sample/md5sums. The first line of this
file contains the signing role (builder, ...). This was added in version
0.3 to prevent the renaming of signatures.
A detached signature of this was created with gpg in 
debsigs-ng.sample/md5sums.asc and added at the end of the deb as 
new file. The filename in the archive is the signing role, prefixed with
_gpg and, if needed, suffixed with a unique char).

The last step is the rewriting of the changes file, as the size and 
md5sum of the deb have changed. As this invalidates the old gpg 
signature, it is stripped.

dpkg-sig also supports to sign .changes and .dsc files starting from
version 0.5. This is done with the debsigs-ng/{dsc,changes}* files.
