disambiguating conflicting preference subpackets in a cert

OpenPGP v4 certs are complicated enough that they can express internally-contradictory preferences.

the spec has historically punted on that, saying basically "if your cert has conflicting preferences, other people might pick and choose and you might not like it".

!153 (merged) tries to establish that for v5 keys at least the right place for preferences is in the simplest possible place: a direct key self-sig.

!134 (closed) contains that idea, plus an initial attempt at providing guidance on disambiguation, but it doesn't go far enough.

Some things we might want to do:

• mark certain subpackets as only being allowed in direct-key self sigs on v5 keys
• add text describing a simple disambiguation process for subpackets that could still show up in multiple places
• clarify a list of places where disambiguation remains a potential problem