Using disable_keyring_file disables gossip encryption

[slackpad]

Looks like there's an unintended side effect of not writing the keys to a file, from this Google Groups thread:

I've been testing out Consul 0.8.5 and have observed some strange behaviour around the new "disable_keyring_file" option. With "disable_keyring_file" set to true and a gossip encryption key set via "encrypt" the Consul agent starts up with gossip encryption disabled. If the "disable_keyring_file" directive is removed from the config then the agent will start up with encryption enabled.

My understanding was that this new parameter was designed to prevent consul from writing out "${datadir}/serf/*.keyring" so that consul would only have the key passed in via "encrypt", but that encryption would otherwise work as normal. Is my understanding wrong, or am I making some other mistake? There's a redacted copy of the config I'm testing with in this gist - https://gist.github.com/cosmopetrich/9e3a1bf52af03117f9e733ccaea8de1d.