The secret key material and its passphrase are stored on the server that runs our encrypted mailing list software and on systems managed by core Tails developers.
This means people other than Tails developers are in a position to use this secret key. Tails developers trust these people enough to rely on them for running our encrypted mailing list, but still: this key pair is managed in a less safe way than our signing key.
Plugging other removable media in the air-gapped Tails to send the public key, secret key stubs, parts of the secret master key, and so on to the outside world.