Adjust note for crates using sequoia_openpgp

Currently the note in README.md looks like this:

If you are developing a crate that depends on Sequoia, please ensure the users can opt into different backends. This is done by:

  • disabling default features for sequoia-openpgp
  • providing top-level features for your crate that correspond to crypto-* ones in sequoia-openpgp
  • (Optionally) Select one by default yourself

Like so:

# Cargo.toml
[dependencies]
sequoia-openpgp = { version = "*", default-features = false }

[features]
# Pick a Sequoia backend enabled by default
default = ["sequoia-openpgp/default"]

# .. but allow others to select a different backend, as well
crypto-cng = ["sequoia-openpgp/crypto-cng"]
crypto-nettle = ["sequoia-openpgp/crypto-nettle"]
# .. other backends

I've got the following issue: asking sequoia_openpgp users (e.g. openpgp-card-sequoia) to expose crypto backends is too much of a burden: they'd have to track our backends and adjust as needed. The other issue is with the Rust Crypto backend that requires some further features to be enabled to be usable, it's not clear if openpgp-card-sequoia should automatically enable allow-* features for Rust Crypto in their crypto-rust or expose the same set of features.

I propose the following adjustment:

  1. Remove this part:
# .. but allow others to select a different backend, as well
crypto-cng = ["sequoia-openpgp/crypto-cng"]
crypto-nettle = ["sequoia-openpgp/crypto-nettle"]
# .. other backends

This makes openpgp-card-sequoia expose two options: either you use their default features that include sequoia's default features, or it's possible to default-features = false which leaves sequoia_openpgp dependency without any crypto backends. But then the crate that uses openpgp-card-sequoia (e.g. pysequoia) can explicitly import sequoia_openpgp and enable features and backends that they deem good.

  1. Describe how openpgp-card-sequoia (sequoia_openpgp user) can use this pattern.

For example in pysequoia I'm currently using this:

[dependencies]
openpgp-card-pcsc = "0.3.0"
# disable default backend for sequoia, disables nettle
openpgp-card-sequoia = { version = "0.1.1", default-features = false }
# ...
# enable backend that I want, openpgp-card-sequoia will use that too
sequoia-openpgp = { version = "1.13", default-features = false, features = ["crypto-rust", "allow-variable-time-crypto", "allow-experimental-crypto"] }

Related change in openpgp-card-sequoia: openpgp-card/openpgp-card!35 (merged)

I'm creating this issue to have a place to discuss this change. If something's not clear don't hesitate to ask. Opinions welcome!

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information