by frabbit 4325 days ago
The offline masterkey stored on an encrypted medium is the approach that makes most sense. This[1] guide is pretty decent, and somewhere on the Debian wiki is essentially the same information (but less nicely presented).

The OP's complaints boil down to two IMO: 1) poor UX; 2) trust is difficult to manage.

1) Seems solvable to me again with subkeys for encryption and signing (which I believe are created by default for GPG2.0 anyway).

2) Asking technology to solve the problem which only each individual can answer ("do I trust this person to evaluate other people's identities as carefully as me?") is not doable.

The example of someone getting a journalist's pubkey and being stung by the (fixed) bug whereby the wrong key may be imported is again letting the user off the hook. If someone is not actually using GnuPG's abilities to examine the WoT and see who has signed the journalist's key etc then it's an example of magical thinking with "encryption" replacing any other nostrum.

I don't believe that problem can be solved with technology.

1. https://alexcabal.com/creating-the-perfect-gpg-keypair/
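The key layout the comment argues for (certify-only master key kept offline, day-to-day signing and encryption done with subkeys that live in a separate keyring) as an added, runnable example; this is not code from the comment, the linked guide or GnuPG's documentation. It assumes GnuPG 2.1 or later (for --quick-generate-key and --pinentry-mode loopback), uses ed25519/cv25519 purely for speed, stands in for the "encrypted offline medium" with a temporary directory, and uses a constructed identity, constructed file names and an empty passphrase for the demo only; a real master key should be passphrase-protected.

```shell
#!/bin/sh
# Added example (not from the HN comment or the linked guide): a certify-only
# master key kept in an "offline" keyring, with signing and encryption subkeys
# copied into a separate "daily" keyring. Paths, identity and algorithms are
# constructed for the demo.
set -eu

# Run gpg in batch mode against a given GNUPGHOME with an empty passphrase
# (demo only; protect a real master key with a passphrase).
gpg_in() {
    home=$1; shift
    GNUPGHOME="$home" gpg --batch --pinentry-mode loopback --passphrase '' "$@"
}

# Returns 0 when the split worked, 1 when a check failed, 2 when the installed
# gpg cannot run the demo (needs GnuPG 2.1+).
demo_offline_master() {
    command -v gpg >/dev/null 2>&1 || { echo "skip: gpg not installed" >&2; return 2; }
    gpg --dump-options | grep -q '^--quick-generate-key$' || { echo "skip: gpg too old" >&2; return 2; }

    work=$(mktemp -d) || return 1
    offline="$work/offline"; daily="$work/daily"
    mkdir -m 700 "$offline" "$daily" || return 1
    uid='Example User <user@example.invalid>'     # constructed identity

    # 1. Certify-only master key, no expiry. Its secret half exists only in
    #    $offline, which stands in for the encrypted offline medium.
    gpg_in "$offline" --quick-generate-key "$uid" ed25519 cert never >/dev/null 2>&1 || return 1
    fpr=$(gpg_in "$offline" --list-secret-keys --with-colons | awk -F: '$1=="fpr"{print $10; exit}')
    [ -n "$fpr" ] || return 1

    # 2. Short-lived signing and encryption subkeys, certified by the master.
    gpg_in "$offline" --quick-add-key "$fpr" ed25519 sign 1y >/dev/null 2>&1 || return 1
    gpg_in "$offline" --quick-add-key "$fpr" cv25519 encr 1y >/dev/null 2>&1 || return 1

    # 3. Export the public key and the secret *subkeys* only.
    gpg_in "$offline" --armor --export "$fpr" > "$work/pub.asc" || return 1
    gpg_in "$offline" --armor --export-secret-subkeys "$fpr" > "$work/subkeys.asc" || return 1

    # 4. The daily keyring imports both; the master secret never goes there.
    gpg_in "$daily" --import "$work/pub.asc" "$work/subkeys.asc" >/dev/null 2>&1 || return 1

    # 5. Check: the daily keyring must list the master as a stub ("sec#"),
    #    the offline keyring as a real secret key ("sec ").
    gpg_in "$daily" --list-secret-keys | grep -q '^sec#' \
        || { echo "FAIL: master secret present in daily keyring" >&2; return 1; }
    gpg_in "$offline" --list-secret-keys | grep -q '^sec ' || return 1

    # 6. The subkeys alone are enough for day-to-day signing and verifying.
    printf 'hello\n' > "$work/msg"
    gpg_in "$daily" --output "$work/msg.sig" --detach-sign "$work/msg" || return 1
    gpg_in "$daily" --verify "$work/msg.sig" "$work/msg" >/dev/null 2>&1 || return 1

    # 7. The WoT question the comment raises ("who has signed this key?") is
    #    answered by --check-sigs; here only the self-signature is present.
    gpg_in "$daily" --check-sigs "$fpr" >/dev/null 2>&1 || return 1

    for h in "$offline" "$daily"; do GNUPGHOME="$h" gpgconf --kill gpg-agent; done
    rm -rf "$work"
    return 0
}

demo_offline_master && echo "ok: daily keyring holds subkeys only" \
    || echo "demo ended with status $?"
```

Run it as a plain script; the `sec#` marker in `gpg --list-secret-keys` is the check worth remembering: it is how you confirm, on the everyday machine, that the master secret really is not there.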