accidentally verifying with wrong sigstore instance looks confusing

[jku]

If I do sigstore --staging sign ... and then do sigstore verify identity ... (accidentally without specifying --staging) the error I get is not enough timestamps validated to meet the validation threshold (0/1)

It's not incorrect but it would be nice if we could be somehow more informative.

[woodruffw]

I'm counting this as a bug -- IIRC at some point we had some special casing to hint the user towards the fact that they were probably verifying against the wrong trusted state, but that's probably being masked/got clobbered by refactors over time 🙂