Odd icons on ZFS native-encrypted pool sent/received from geli-encrypted zpool

[Stranded Camel]

I had a dying SSD with a geli-encrypted zpool that I needed to replace. I created a new, ZFS native-encrypted zpool on a new SSD and then I used zfs send | zfs receive to copy the three datasets from the old zpool to the new one.

Everything is working, but in the Storage > Pools interface the three child datasets have icons I've never seen before: padlocks with the "prohibited" symbol inside them (a circle with a diagonal line crossing it). The parent dataset has a closed normal padlock before I unlock it, and an open normal padlock once I unlock it.

What is the meaning of these padlocks with the "prohibited" symbol? Does it mean the child datasets are unencrypted? If so, how would I go about encrypting them? I had assumed that any data copied to an encrypted parent dataset would also be encrypted, but this newfangled native encryption is a bit of a mystery to me at time.

 

[Apollo]

It happens when replicating a dataset from GELI encrypted pool to a ZFS Native encrypted pool when the destination dataset already exist and has password encryption, but the dataset has not been Unlocked yet.

One of the side effect is that unlocking the already existing dataset isn't possible as it will not be mountable. The dataset with the forbidden keylock must be destroyed first.