I don't have anything further to add to this sub-thread. I think I've
made valid points about what our requirements should be to ensure that
changes to key material are done in a way that our users can trust, why
not doing so would reduce user security compared to what happens in
Debian, and justified my position. I've also made some suggestions on
how I think this can be implemented without too much pain.
If you don't want to do those things, then my opinion is that these
changes are not suitable for SRU in Ubuntu.