A public key can be shared anywhere: blog post, email, printed flyers, etc. It’s just a matter of making sure that the public key corresponds to the individual you want to have encrypted communications with.
Maybe I’m missing something, but the scheme in your original post doesn’t appear to be dependent on IPFS. And it’s not clear how you’re using IPFS for Alice and Bob to communicate (e.g., pubsub, libp2p streams, something else).
IPFS already uses public/private key encryption for communication between nodes. If you’re sure that a node id is controlled by the individual you’re intending to communicate with, then the individual controlling the node should already be authenticated in a sense.