https://en.wikipedia.org/wiki/ID-based_encryption
There are mature, commercial products which use this to address the "PKI benefits without the overhead of managing PKI" problems. Read the Wikipedia page for the gory details, but essentially, you get to use someone's email address functionally as a public key (as per traditional PKI email schemes) without the recipient having to, a priori, create the pub/priv keypair. They can be derived statelessly on the fly.
For one example, see Hewlett Packard Enterprise - Data Security "SecureMail" product.
Full disclosure: I work on this product.
Here is some basic background information on how it works.
https://www.voltage.com/products/email-security/hpe-securema...
There is still a "trusted 3rd party" running the key generator (a deal-breaker for some threat models of privacy) but that generator entity doesn't have to be the ISP or email provider involved at either end.