[Reubachi]

PKI infra and public trust CAs support this already via vetted identity certs. Nowadays these certs require picture ID from some determined compliant government org.

IE; your signing, email, encryption certificate public and private key are uniquely tied to your face, name, etc. You can do this privately. I can't think of a negative to this system in terms of risk, bloat, fatigue.

All this though assumes you support public certificate authorites and their practices. which is a bit of a walled garden on purpose, and tbh these types of certs aren't really needed right now.