An oracle attack is a powerful technique used to discover information about the internal state of some system. The system is tested in some way, usually repetitively, and the response is analyzed.

My single point here is that when PGP is used in a unidirectional application like email, oracle attacks are impossible simply because there is no response available. I suppose in theory the attacker could try to get the recipient to manually send back the error messages, but that is quite unlikely to have a good outcome.

This immunity to oracle attacks comes from the simplicity of PGP. There are no low level automated subsystems to interact with. You are always interacting with a person.

PGP FAN index