The documentation seems to imply otherwise?

So that we can still build a bullseye package.

Fixes issue #5.

Prevents us from making 4-5 concurrent requests (or fallbacks to
decryption from database) for the same user when clients like
Thunderbird connect.

Breaking API change, adding a "session_id" field to Open and Close
calls.

Multiple sessions can be attached to the same decrypted key, each
expiring (or being closed) independently: the key will only be dropped
when the last session terminates.

Using a *yaml.Node does not work.

The messages should look less confusing now, as the phrasing for
expected errors has been changed.

Introduces the "sql" backend, and refactors backends behind a nicer
interface (which looks a lot like the one in id/auth). Users can
define arbitrary SQL queries to fetch the key data, to adapt to their
database schema.

Include vendored dependencies for sqlite3/mysql/postgres.

Sets 'noauthenticate', and prefixes the private key with the userdb_
prefix as it should.

This allows Dovecot to fail temporarily if the key lookup backend is
unavailable or has issues talking to LDAP.

The dovecot-keylookupd is a dict-proxy dovecot lookup daemon, which
can read public and private keys from the LDAP backend and use them
for Dovecot userdb / passdb lookups.