I was working on some items for a "persistent" customer that wants to use Satellite to maintain deb repos. I figured out how to enable the feature and sync repos after some digging. One of the items that I ran into while doing this is this issue related to GPG Keys...

https://projects.theforeman.org/issues/32145

after some research I determined that when synching deb repos, the deb specifications and pulp understand one another just fine. When deb repositories are published, they produce a Release.gpg file and a Release file signed by the gpg key in Release.gpg. When pulp goes to sync content, it downloads the Release.gpg file and uses that key to validate the Release file. Inside the release file are the MD5 sums for the artifacts that will be downloaded. Pulp uses the included sums to verify the downloads.

So... providing a GPG Key when creating a deb repo seems to be something that we don't want to do.
If you provide one you get the error in Issue 32145. "No valid Release file was found for 'release_name'"
If you do not provide a GPG key content credential as part of the repository configuration, everything proceeds smoothly.

I think that the GPG Key drop down should be hidden or disabled for 'deb' type repos. Yes?