[p_l]

Safer mechanisms of distributing and establishing "root" keys for identify verification (so you can then use them easier with normal D-H on normal internet) is one use case I recall from 1990s.

But few years ago I heard of some other interesting uses where quantum properties were used to essentially enable DWDM-like virtual circuit routing with higher capacity - though I would have to look again if it went anywhere or into scrap heap of quantum BS.

[bawolff]

> Safer mechanisms of distributing and establishing "root" keys for identify verification

Except it doesn't solve the mitm problem, so its not really safer.

[p_l]

The ideas discussed in 1990s suggested a way to ensure that mitm guaranteed deviation from data transmitted. How well it would work in real life I have no idea

[fsh]

QKD is only safe against MITM if you have pre-shared keys between the parties. At that point you might as well use symmetric cryptography which is immune against hypothetical quantum computers and infinitely more efficient than QKD.