[danielsiders]

Probably because security@ emails are routed through their normal helpdesk system which doesn't handle PGP properly.

[akerl_]

I doubt that their security emails do that, but even if they do, changing how you get the key wouldn't fix a PGP compatibility issue, since once you have the key you'd still be emailing them using it.