Well, I still don't understand why this is advertised as such a difficult problem, particularly why package.el would need a sign operation with Emacs. Am I missing something?

Perhaps it might make sense to discuss with some code. Here it is. The code verifies a detached signature NAME-VERSION.tar.sig with a trusted keyring located under ~/.emacs.d/elpa/gnupg/. That's it.

For uploading packages, we could simply use the same mechanism as gnupload in Gnulib.

It's actually 10 minutes' work at an airport lobby and tested only with the local package archive.
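
The check described in the message, written out as an added Emacs Lisp example (this is not the code the message refers to, and the `my-elpa-` names are hypothetical). It assumes Emacs 25 or later with the bundled `epg` library, and a keyring under ~/.emacs.d/elpa/gnupg/ that holds only the archive's trusted public keys.

```elisp
;;; Added example; `my-elpa-' names are hypothetical, not package.el's.
(require 'epg)

(defvar my-elpa-gnupg-dir (expand-file-name "~/.emacs.d/elpa/gnupg/")
  "GnuPG home directory holding only the trusted archive keys.")

(defun my-elpa-verify-tarball (tarball)
  "Verify TARBALL against the detached signature TARBALL.sig.
Return the list of good `epg-signature' objects.  Signal an error
if the signature file is missing or no signature verifies."
  (let ((sig-file (concat tarball ".sig"))
        (context (epg-make-context 'OpenPGP))
        good)
    (unless (file-readable-p sig-file)
      (error "No signature file %s" sig-file))
    ;; Use the dedicated keyring, never the user's own ~/.gnupg, so the
    ;; set of keys in that directory is the whole trust decision.
    (setf (epg-context-home-directory context) my-elpa-gnupg-dir)
    ;; Detached form: SIGNATURE is the .sig, SIGNED-TEXT is the tarball.
    (epg-verify-file context sig-file tarball)
    ;; A .sig may carry several signatures; one good one is enough.
    ;; Statuses such as `bad', `expired-key' or `no-pubkey' are rejected.
    (dolist (sig (epg-context-result-for context 'verify))
      (when (eq (epg-signature-status sig) 'good)
        (push sig good)))
    (unless good
      (error "No good signature on %s" tarball))
    good))

;; Usage with a placeholder file name, before unpacking the archive:
;; (my-elpa-verify-tarball "/path/to/NAME-VERSION.tar")
```

Because the function signals an error on every path that does not end in a good signature, a caller that unpacks only after it returns fails closed when the `.sig` file is absent or was made with a key outside the keyring.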