When a user publishes a certificate to GAL, they place a copy of their public key on the Exchange Server. When another user within the same Exchange environment tries to encrypt to that email address on the same server, they do not need to manually add the recipient as an Outlook contact and then add their certificate (public key) to that contact.
Note: This will only work if you have a Digital Certificate assigned in your Outlook Trust Center for email signing.