Is this what we really need?
I would have said we need something different:
1. Personal Certificate Authorities
2. Per-contact keys/certificates.
3. Simple distribution (email headers?)
4. Simple key acquisition (mail clients, social media?)
5. Simple point of presence servers, linked to addressbooks, address-book groups.
Do we mainly need foolproof encryption or do we need enough security to make scams, phishing etc mostly unprofitable? Do we need a way to easily recognise friends when they connect to our web servers. Even if their systems are compromised, it shouldn't compromise everyone else I know, because I've given them all their own certificates for connecting to my systems, so I can run my own "facebook-wall" which they can reference on their "facebook-wall" but which stays firmly under my control, on my servers.