

it’s really no worse than S/MIME
That’s damning with faint praise if I ever heard it.
The biggest problem of OpenPGP is key management. The web of trust is fine but key rotation is an absolute nightmare. And I say this as someone who has been comfortable using it for 27 years.
Kinda but … they go together, and Active Directory is more or less LDAP+Kerberos with a sprinkling of standardization on top.