I have similar doubts as well. Especially considering that digital signatures and encryption do not protect against impersonation attacks, like phishing via facebok.com or other similar sounding domains, in either the case of websites or email. But without widespread use you don't even have the option.