Migration-script must look up distinct keys for members
Currently if the key_fingerprint
-attribute is empty for an admin, the script looks for a matching key in the keyring in order to pin its fingerprint. Otherwise the different behaviour of schleuder v3 compared to v2 (only use pinned keys) might lead to the situation in which people receive unencrypted emails.
The script doesn't look up keys for members, though.
And it should check if the key-lookup returned only a single usable key, not just use the first key.