> Well, yes? What is the alternative, if I want to email someone who exists only in the form of a pseudonymous online identity?
If you want to communicate with someone specific then presumably there's something that distinguishes that person from other people. Find a way to connect that something with a key fingerprint. E.g. if the point is that that someone is a journalist for the New York Times (as when Snowden was first looking to leak), they should publish their fingerprint in the NYT, or at least something NYT-official (like their website).
There are use cases where trust-on-first-use is adequate, sure. But there are use cases where it isn't.
If you want to communicate with someone specific then presumably there's something that distinguishes that person from other people. Find a way to connect that something with a key fingerprint. E.g. if the point is that that someone is a journalist for the New York Times (as when Snowden was first looking to leak), they should publish their fingerprint in the NYT, or at least something NYT-official (like their website).
There are use cases where trust-on-first-use is adequate, sure. But there are use cases where it isn't.