I am not sure of all of the use cases of this module, but since a key does provide some ACL, and when you add a key that is in use by another group you get a message that says "The key '' is already in use by a different group.".

There definitly needs to be some mechanisim of having distinct keys else you will not be able to provide the http://journal.com/og/reg-key-join.

Maybe this is by design, and if so should be defined in the documentation.