The kernel of the conceptual problem with this web-of-trust feature is in another Filippo post[1]: when I sign someone's else's key, it is difficult (in practice: impossible) to really know the provenance of that key. The signer could have gotten the key from a keyserver (in which case you now transitively trust the keyserver). Or they could have gotten it from a random email saying "this is my new key". You don't know; the basis for trust isn't there, or rather, to the extent it is, it's only there across strong, short paths in the graph of key signatures; it doesn't scale out to the whole "web".
I'm definitely not arguing against that. I think keyservers are one of the worst things to ever happen. PGP's implementation of the web of trust is hugely flawed. I'm saying the concept is still incredibly useful. I get frustrated when I see suggestions that we should abandon the notion signing other people's keys because users can't be trusted to do it properly.
I think the author of the article you link to is mostly right. Long term keys don't make much sense most of the time. A key that's signed by a million people is useless. I only care that it's singed by the people who are relevant in the context for which I'm using it. Relationships change too. If I've got a key from level 1 support to a level 2 support person, I can't trust 6 months later that the level 2 support person still works at the company. You need to have a context to describe the link in order to understand it. PGP (and by extension GPG) are absolutely horrible in that regard.
I find it ironic that the author says that the best way to reach them is by their Whisper number. This is what frustrates me. We exchange "horribly flawed implementation" for a central trust broker -- who may or may not be trust worthy.
I still think this is a problem of public key servers being a broken idea, rather than PGP itself.
It's 20 years since I've been to a key signing party, but there are still several small circles of trusts where I have very good ideas about the trustworthiness of each member and of the overall circle.
I still trust the crypto that PGP (and OpenPGP) uses. (With the caveat of no forward secrecy unless you try to handle that yourself).
I'm not entirely sure I've _ever_ trusted a key server provided public key, beyond the use case of trying it to open a conversation in which I can verify (to whatever level is needed) whether the person on the other end is the person I am trying to communicate with.e
If only distributed signatures included trust levels -- then you could at least attempt something like that. Though unfortunately trust levels are themselves incredibly coarse and subjectively determined (does "I trust fully" mean "I checked 6 forms of government ID" or "I know this person by their handle"?).
To be honest, I think Keybase has the only workable solution to this problem for modern online personalities -- tie it to directly to your other identities online such that you would need to break into many accounts in order to fake someone's identity. And individual users can decide for themselves what threshold of trust they have for someone.
https://blog.filippo.io/giving-up-on-long-term-pgp/