Hi, Mika, my apologies for responding to this so slowly. I've been very busy at work.
You are correct that the symmetric key should be re-encrypted when a new key is added. It should also be re-encrypted when a key is removed. Your analysis of the situation was spot-on. I didn't use your patch directly, since I needed to re-encrypt in two places, and that required a slightly different approach to the code. I've fixed this now in bzr, and it will be included in the next release, hopefully soon. Thank you for your help. -- I wrote a book on personal productivity: http://gtdfh.branchable.com/
signature.asc
Description: Digital signature
