> That is a nice solution. > > I didn't understand that was the behavior from reading the > documentation patch from the OP. This makes it sound like the last key > is used for encryption and not the next-to-last (penultimate).
Correct.
> Currently there is no choice about which key to use, so maybe we should
> just default to the penultimate?
I agree, we just need to make sure the reason for this is properly
explained in the docs.
Lukas
