One problem with ssh-key client authentication, is the trust of the public key, now both there is x509 and openssh's certificate based authentication systems, but neither are globally adopted by all clients and servers. This leads to the "how do you absolutely know that the key listed in authorized_keys is a valid ssh key or if someone has added one to it. But you without widescale support of SSHFP, there's no method of really trusting the servers keys either, if you are connecting to a server for the first time, can you actually trust the fingerprint, and if the fingerprint changes how do you know if it's a valid change or not.
A second problem is that with key-agents, allows for the key to be used to connect to other systems, so if someone obtains your "insecure" private key, they could have access to each server that trusts that key, directly or indirectly.
A third, which isn't a problem but somewhat of missing documentation, is that of the Sub Services, So many more features could be generated with better documentation available, an example could be to provide a replacement for the time services (not ntp), and I have used it in the past to output stats from various services, but the documentation is missing.
The last thing I will say, on the server side not only deprecate ssh v1, but it's time to completely obsolete and remove it.