There is an argument for removing it though: we don't know if it's still
working. But what's worse: a non-working package, or a removed package
one? I'm not sure they're very different in this situation.
The main reason for removing packages was that they hold back other
changes due to autopkgtest
I agree in general to get rid of python-oauth2client
And gladly certbot upstream indeed recently got ready for what they were
asked for (to allow us to get a much newer version). Adrien already
pinged the Debian case.
I agree that this will soon happen, probably could even still go into
Oracular