Padding octets (zero/random/other)
Draft-06 says to use random padding octets. That may enable a relatively high bandwidth covert channel. Using zero values may be problematic here due to compression. We could require those octets to be deterministically generated instead and could make it optional or mandatory to verifiy correct values were used.
There was support to change from random padding but also argument that covert channels will remain anyway. There was a suggestion to move this to a separate draft. We may want a scheme that can produce different values in case >1 padding packet exists in the same compression context.
Two (mutually exclusive) merge requests [2,3] for this have been proposed, so we could pick one and go from there.
[1] https://mailarchive.ietf.org/arch/msg/openpgp/npCHOnOWEWVfvztmrkqs0w00NLk/ [2] !203 (closed) [3] !204 (closed)