As it happens, I was just studying the CT-RSA 2015 conference agenda, I read that there is a conference talking about some form of oracles in OpenPGP and affecting several implementations.
That would indicate that the RFC4880 format is fundamentally broken in theory AND practice.
http://www.rsaconference.com/events/us15/agenda/sessions/176...
