We consider to put one of our assemblies in the GAC for the purpose of versioning. This means this assembly must be signed and each other assembly it uses (e.g. 3rd party) must also be signed. Only the 3rd party vendor can do the signature. Is there a practical risk that some vendors will not supply a signed version and we are limitting ourselves?
The risk is not applicable.
You can only put an assembly in the GAC if it depends only on other GAC assemblies.
So your 3rd party libs should already be in the GAC.
If they are not, you can fake it (see @Preet Sangha) but then you become the publisher of those libs. And sharing those binaries with other apps will (can) not happen.