Consider and client server scenario and you got two options:
- You can include Server's Public Key in Client and perform the exchange.
- You can use Diffie Hellman KeyExchange Algorithm to handshake and then exchange the key.
Which one is more secure way? also if public key will come from store say from Client CA store? would it be more secure instead of binding it in Client app?
The deployment will be done via an installer, verifying the version on each run.