I had to do a little digging on this too. Here's what's going on.
If you run sudo apt-get update in a terminal window and then scroll back up the output, you'll notice lines like these:
Hitting openprinting.org, even though openprinting.org is NOT in /etc/apt/sources.list? This, coupled with the fact that these are open-source drivers, leads me to belive that the package list for the main repository is pointing this package over to openprinting.org instead of us.archive.ubuntu.org. By default, the apt system in Ubuntu only has keys for ubuntu.com servers.
If you check out The Linux Foundation's OpenPrinting Driver List, you'll see a whole slew of drivers, including Postscript-HP. If you read this Linux Foundation forum thread you'll get the gist of what's going on.
I completely get that users will be able to get the most up-to-date drivers as soon as possible with this method. But by taking this shortcut (which I don't think was taken in previous versions), the Ubuntu devs have tripped their own security system.