I'd like to see the binaries signed with gpg, independent of any signatures
required for various operating systems.

I can't imagine a worse scenario than the bitcoin.org site being hacked and
the binaries replaced with wallet-stealing code. All of the developers seem
to have gpg keys, how hard can it be to provide a detached gpg signature
for the binary?