2Gilfoyle: yes, you need to pass the password to the recipient somehow. And the only secure way to do that is to pass it from hand to hand. Because there is no reliable method of remote key exchange. Algorithms like Diffie-Hellman can be used only with direct connection when middleman attack is not possible. Using public keys issued by a Certificate Authority means that you trust that specific CA absolutely (do you?).