We should indeed at least show a clearer error message here.
I'm not sure about depending on gpg for all installations, because of the number of dependencies we'd pull in (the gpg binary and all its dependencies).
We can register an 'extra' for gpg signatures so that you can install 'breezy[pgp]' to pull in the right dependencies, but that's of course a lot less discoverable.
We should indeed at least show a clearer error message here.
I'm not sure about depending on gpg for all installations, because of the number of dependencies we'd pull in (the gpg binary and all its dependencies).
We can register an 'extra' for gpg signatures so that you can install 'breezy[pgp]' to pull in the right dependencies, but that's of course a lot less discoverable.