It is somewhat confusing that the package calls itself netcat-openbsd but deviates from the options that OpenBSD supports.
For people coming across this wondering where to find a version of netcat that supports TLS, note that to add to the confusion other distros have picked up Debian's version and call it "netcat-openbsd" with the Debian patches. LibreSSL portable (https://github.com/libressl/portable) actually includes a version of nc (if enabled via ENABLE_NC) that is closer to the true OpenBSD netcat. Instead some distros package nc as part of LibreSSL, for example https://github.com/NixOS/nixpkgs/blob/master/pkgs/development/libraries/libressl/default.nix contains a version on NixOS that includes the TLS supporting nc (NixOS also offers a netcat-openbsd, which is based on the Debian patches.) (There is also https://github.com/reyk/libressl-deb for Debian, but unfortunately that doesn't seem to be kept up-to-date.) Maybe it would make sense to keep this netcat-openbsd package for compatibility but encourage people to switch to a netcat version built as part of the libretls package build (by turning on ENABLE_NC there and split out the nc binary into a binary package.like netcat-libretls).
