The secret key material and its passphrase are stored on the server that runs our encrypted mailing list software and on systems managed by core Tails developers.
This means people other than Tails developers are in a position to use this secret key. Tails developers trust these people enough to rely on them for running our encrypted mailing list, but still: this key pair is managed in a less safe way than our signing key.