[legulere]

> end users have to manually install certificates to their email applications

This really is a problem that could be reduced. For instance there is no easy way to copy the S/Mime certificate from my macbook to my iPhone

[epistasis]

It's been several years since I experimented with this, but I recall that S/MIME on an iPhone was much easier to setup than GPG anywhere else, including the desktop. I think I used a USB transfer, but googling now shows guides that allow emailing a password encrypted p12 file.

CA and Web of Trust both require verifying the key fingerprints of yo want to be serious about it, but smime was much more easy to use overall.