The problem with this is that a tool that is too generic is itself dangerous, because it creates cross protocol attacks and confusion attacks like in https://efail.de for PGP email.
I think that a better approach is to bind identities from multiple purpose built cryptographic protocols.
If you blame gpg for efail you can blame anything really for a virus on one of the endpoints of any form of encryption.
Next you will hold rensponsible tech for social engineering and mandate users should not know their own secrets because that causes vulnerabilities in protocols :p
By that logic we shouldn't recommend cars with high safety ratings, because we can always train users to drive motorized unicycles at 200 MPH. Clearly there's no fault with the unicycle regardless of how many people crash, it behaved as specified.
I think that a better approach is to bind identities from multiple purpose built cryptographic protocols.