Separating UX and "security" from a cryptosystem is impossible. Poor UX leads directly to security vulnerabilities.
Heck, we've seen that in library code: your AES implementation may be sound, but if the library interfaces make it easy to reuse an IV, or use a null IV[1], you have a broken cryptosystem.
I don't even know where to start: backwards compatibility to 90s era crypto, no forward secrecy, a web of trust model that encourages you to have a long-lived key – because with short-lived keys your trust has to be rebuilt after expiry, a cryptosystem that violently leaks metadata...
PGP should've died years ago; there are far better options today.
