Since version 2.1 of easyDCP Creator+ it is possible to open encrypted DCPs and to use these DCPs as a basis for new DCPs. There are basically two ways of providing the keys in order to allow easyDCP Creator+ to decrypt the content for the preview and before generating a new DCP.
If one provides the keys by a Fraunhofer Digest, we assume that the user generated the content and that he is in charge of the source content used for the first DCP generation. In such a case you can do everything in easyDCP Creator+, including the deactivation of the encryption and the generation of a new Digest when generating a new DCP.
If one provides the keys by a Distribution KDM (or KDM), easyDCP Creator+ does not allow to disable the encryption nor lets it generate the Fraunhofer Digest for the new DCP. In order to understand this behavior we have to explain that the Fraunhofer Digest stores the encryption key as plain text on the hard drive. Without disabling the Digest-option one could easily open an encrypted DCP together with a DKDM, generate a new encrypted DCP and store the encryption keys in plaintext. Since content-owners are very diligent with their content, Fraunhofer IIS decided to disable the option since version 2.1.