Package: hopenpgp-tools Version: 0.19.5-1 Severity: wishlist a "key usage flags" subpacket (https://tools.ietf.org/html/rfc4880#section-5.2.3.21) should be present on every self-sig and every subkey binding signature.
the absence of a key usage flags subpacket should itself be displayed as a warning. furthermore, the presence of an empty key usage flags subpacket should not be conflated with the absence of a key usage flags subpacket. an empty-yet-present key usage flags subpacket explicitly says "this key is *not* for any of the established uses, but i'm attaching it for other reasons", while an absent key usage flags subpacket is indistinguishable from "this key was created by software that doesn't know how to produce a key usage flags subpacket". --dkg -- System Information: Debian Release: buster/sid APT prefers testing-debug APT policy: (500, 'testing-debug'), (500, 'testing'), (500, 'oldstable'), (200, 'unstable-debug'), (200, 'unstable'), (1, 'experimental-debug'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.14.0-3-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages hopenpgp-tools depends on: ii libbz2-1.0 1.0.6-8.1 ii libc6 2.26-4 ii libffi6 3.2.1-8 ii libgmp10 2:6.1.2+dfsg-2 ii libncursesw5 6.0+20171125-1 ii libnettle6 3.4-1 ii libtinfo5 6.0+20171125-1 ii libyaml-0-2 0.1.7-2 ii zlib1g 1:1.2.8.dfsg-5 hopenpgp-tools recommends no packages. hopenpgp-tools suggests no packages. -- no debconf information