deb should install signing keys
The deb file should also install the signing keys so that future updates don't whine about untrusted packages.
Currently, the keys are installed, but I suspect that a package upgrade will cause the key to be uninstalled before the new package is verified. Which could result in an "untrusted package" warning. I think. This should be checked.