If the root password is unset/blank, root is disabled and the first
user is added to sudoers. Perhaps this should be made explicit in the
installer?
I think that it will be a great idea, put a message that say: "if the root password is unset, root is ... ". I am using (and installing) Debian from some years ago, and this is new for me. =O