I do think that PM generating a PGP key by default is a good thing. Even if they are compromised, it is still better than no encryption for the vast majority of users *as long as they are not used for something else*.

The problem for us is that it is not possible to upload subkeys to PM, which would allow DMs/DDs to create a subkey just for PM use. But even then I'm not aware of how to push a public key without that subkey to the Debian keyring, so maybe it doesn't matter.

In any case, I don't think condemning the use of PM is justified here. Their software is open source and they are one of the only email providers that actually care about encryption. Yes, it doesn't work well with the Debian workflow, but that is not really their (nor our) fault. The percentage of people that just use mail on PM is probably significantly larger than those that also use their PGP mail to sign/encrypt other stuff like Debian packages.

Cheers,
Stephan