Hacker News

What application would you say has "real" e2e encryption? Signal and all the other apps have exactly the same problem right? If you don't compare your keys offline, you're always at risk for this attack. You can't build cryptography out of sand.


Keybase does! https://keybase.io/


You're saying at Keybase you don't have to compare your fingerprints out of band?


Correct. Key verification is done by looking at signatures on a given user's linked social networks / websites etc.


How does it handle DNS spoofing or IP redirection?

And what happens if you have no social networks / websites like me? HN is probably the closest I got to a social network online.


How does Keybase do key exchanges?


Software that uses the user's public key as the user's identifier (or potentially something that uses Namecoin) does not have this issue - consider Tox and Ricochet for example.


This isn't really a solution, though. It's just moving the problem somewhere else. The problem then becomes things such as linking existing Third Party Identifiers like email, phone numbers etc. to the user's key (which most regular users want to be able to do). The idea of a user per key in general also becomes problematic with multi-device usage or a device compromise. You will not be able to revoke access to any device without throwing away your whole identity.


At the very least, Signal notifies on rekeying and in both the desktop and Android versions it doesn't appear to be changeable.


WhatsApp also notifies on rekeying. A yellow message is shown warning that "your conversation partner's security codes have changed" or something of the sort.


It's an option. And it's disabled by default.



