Sorry, if this is not a correct way to ask a question.
In RNP we experienced an issue where certain keys have 0x0001 instead of valid high bits of signature hash in packet. Are you aware of such cases/implementations which generated such artifacts?
Thanks!
Here is an issue for reference: https://github.com/rnpgp/rnp/issues/2191
No, I am not aware. I can't remember whether PGP once had such a bug because @dshaw did most cross-testing and fixing for PGP bugs. I would suggest to remove any such checks. IIRC, this was introduced by PGP 2 to speed up signature checking. 30 years ago RSA operations were quite expensive.
GnuPG never checked it and remaining non-functional code was removed with rG151ee2f47bfdaa1273cdfd4855e937fb8f2e1d06 in 2002 if I see this right.
The gnupg-devel mailing list might be a better place for such questions.