According to RFC 2440, if a four-octet length Public Subkey Packet
is bound to a key, the signature is computed over a packet with a
two-octet length field.
In violation of the RFC, both PGP and GnuPG reject such signatures.
(Section 5.2.4: "When a signature is made over a key, the hash data
starts with the octet 0x99, followed by a two-octet length of the key,
and then body of the key packet. (Note that this is an old-style
packet header for a key packet with two-octet length.) A subkey
signature (type 0x18) then hashes the subkey, using the same format as
the main key.").