Well, at least Alice or Bob has to send their public key unencrypted.Best thing ->Person A sends public key with plaintext.Person B encrypts their public key with Person A's public key and sends that to Person A.Person A decrypts Person B's message to find Person B's public key. Person A makes a new public key and encrypts that with Person B's public key.Person B decrypts and obtains Person A's new public keyNow you are twice as secure as before. The outer 'shell' of encryption must be broken before getting access to the inner shell of encryption. A bit mind boggling though.Notice how one could potentially exchange dozens of 'nested' public keys to enhance PGP to any level of security you wanted. That, I reckon, is the seed of ideas like the Tor onion routing network.Doing too much of this is kinda pointless for the majority of messages sent. Much like using weak passwords on sites like the NY Times or WSJ, since it's not exactly pivotal if an attacker gains access, you ought to use different levels of cryptography for different purposes.Obviously if you need stronger encryption that what PGP can offer, then your main attack vector is far more likely to be a keylogger to obtain your passphrase or LE malware to get a copy of your private key.