Re: One Time Pads.
"The usual way to overcome that is to publish your public key on a public forum or a public repository. If someone manages to hack into that forum/repository and change the key, you will know as soon as you log onto that forum and see that the key you published has changed. Similarly, if someone were to publish a bogus key to the public platform in your name, you would see that fraudulent post. You can then shout long and loud in clear emails and messages that someone is trying to impersonate you."
The problem behind that problem, of course, is that if someone is impersonating you, they can just turn the tables on you and say your attempts to cry impersonator are themselves that of an impersonator. Now you're trapped in a "he said, she said" conundrum, and in a First Contact Problem, there's no shared context with which to make the ultimate judgment. It becomes a coin flip.
Biting the hand that feeds IT
