Part of the reason you are Verifying the key a second time with a third party PGP key server is to ensure that the Signing Key has not been compromised by potential bad actors.

Using Tor, go to pgp.mit.edu and enter Tails Developers into the Search String field.

Ensure the option for Show PGP fingerprints for keys is checked, then click Search.

You will recieve several different results, but the one you are going to want is the offline long-term identity key

Compare the fingerprint generated from GNU Privacy Assistant to the fingerprint shown by pgp. If they are the same, then the file is safe to use.