If you look at the argument for keeping openkeychain alive by a team member it was “lack of current alternatives” despite not currently being maintained.
I am making this same argument for picocrypts case.
Although “officially” openkeychain say they are gonna do security fixes but there hasn’t been actual actions which shows fixing security issues and are probably using EOL version of openpgp protocol.
I am surely gonna make a new proposal for delisting openkeychain. But just to make sure both projects get equal treatment here.
Does the dev of picocrypt considers picocrypt a vulnerable software ? - No