When do you have to check the fingerprint of a PGP key in an independent way during initial contact?
For brevity I talk about PGP, but GnuPG or OpenPGP are meant as well and gpg is the OpenPGP encryption and signing tool for it.
When initially establishing an email connection with someone, both parties have to exchange their public keys.
If this exchange is done in person, the keys may be used right away.
If they are mutually sent to each other by email, users are advised to check the **fingerprints of both public keys** by independent means rather than email. They can do so e.g. by telephone.
Email is considered unsafe and a man in the middle (MIM) might intervene and replace the sent public key with another one from a key pair generated for himself on behalf of the original sender's email account. This theoretical threat works as long as the MIM is able to intervene in all future encrypted emails sent to the other side using the replaced key. Such manipulation is immediately detected after the fingerprint check. That's why users are encouraged to verify the other side's public key by checking its fingerprint. The fingerprint must not be received by the same communication means.
Can this rule be relaxed if one of the two got the other side's public key in a safe way, e.g. by
1. downloading it from a (non-compromised) https website, comparing it with the fingerprint displayed there and then using this key to send his own public key in a signed and encrypted message. Signing would prevent unnoticed manipulation of the email and encryption would keep the MIM from knowing that the email is part of an initial key exchange. This email with attached own public key (by which any receiver could check whether it is unaltered) would be encrypted with the other side's https-downloaded public key (let's assume that the other side is the only one that has access to the corresponding private key).
2. receiving the other side's public key in a signed and encrypted email, when the sender uses the receiver's public PGP key which had been verified by the sender before (a situation which might arise when one side generates a new pair of private/public keys for himself and attaches his new public key to such a message. It might also arise for the second part of an initial key exchange when one public key was transferred according to method 1 or after only one side has verified the receiver's public key).
What might be the weak points of such a simplified procedure?
Asked by Adalbert Hanßen
(303 rep)
Mar 27, 2025, 06:08 PM
Last activity: Mar 28, 2025, 11:10 AM
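The fingerprint check the question relies on, as an added example that is not part of the original post: a Python sketch that computes a version 4 OpenPGP fingerprint as RFC 4880 section 12.2 defines it and compares the key received by email against a fingerprint obtained over a second channel. The toy RSA numbers, the timestamp and the names `ALICE_BODY`, `MITM_BODY` and `PHONE_FPR` are constructed for illustration.

```python
import hashlib, hmac, re, struct

def mpi(value):
    """OpenPGP MPI: 2-byte bit count, then the big-endian magnitude."""
    bits = value.bit_length()
    return struct.pack(">H", bits) + value.to_bytes((bits + 7) // 8, "big")

def v4_rsa_key_body(created, n, e):
    """Body of a v4 RSA Public-Key packet: version, creation time, algorithm 1, n, e."""
    return bytes([4]) + struct.pack(">I", created) + bytes([1]) + mpi(n) + mpi(e)

def v4_fingerprint(body):
    """RFC 4880 section 12.2: SHA-1 over 0x99, 2-byte body length, packet body."""
    return hashlib.sha1(b"\x99" + struct.pack(">H", len(body)) + body).hexdigest().upper()

def normalize(fpr):
    """Drop spaces and colons; accept only a full 160-bit fingerprint (40 hex digits)."""
    cleaned = re.sub(r"[\s:]", "", fpr).upper()
    return cleaned if re.fullmatch(r"[0-9A-F]{40}", cleaned) else None

def fingerprint_matches(received_body, out_of_band_fpr):
    """True only if the emailed key hashes to the fingerprint from the other channel."""
    expected = normalize(out_of_band_fpr)
    if expected is None:  # short key IDs or mistyped values are never accepted
        return False
    return hmac.compare_digest(v4_fingerprint(received_body), expected)

# Constructed sample data: toy RSA numbers, far too small for real use.
CREATED = 1743098880  # constructed creation timestamp
ALICE_BODY = v4_rsa_key_body(CREATED, (2**61 - 1) * (2**89 - 1), 65537)
# Substituted key: same creation time and exponent, different modulus.
MITM_BODY = v4_rsa_key_body(CREATED, (2**61 - 1) * (2**107 - 1), 65537)
# What the real owner would read out by telephone, in blocks of four hex digits.
_hex = v4_fingerprint(ALICE_BODY)
PHONE_FPR = " ".join(_hex[i:i + 4] for i in range(0, 40, 4))

if __name__ == "__main__":
    print("genuine key accepted:    ", fingerprint_matches(ALICE_BODY, PHONE_FPR))
    print("substituted key accepted:", fingerprint_matches(MITM_BODY, PHONE_FPR))
    print("16-digit key ID accepted:", fingerprint_matches(ALICE_BODY, _hex[-16:]))
```

The user ID is not part of the hashed packet, so a substituted key carrying the same name and email address still produces a different fingerprint.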