4

It seems that OTP encryption is unbreakable. I have read some articles (Wikipedia, Blogpost, etc.), but I could not find any information about how they are used.

If I wanted to create a messenger service, how would I distribute the OTP keys? Both the sender and the receiver need this key before the message is sent, right?

And how do I make sure no one else gets these keys?

Patriot
yamm

3 Answers

7

If you perform the distribution digitally (using networks) then you have a problem. Unless you use another one time pad you lose the perfect confidentiality as the distribution itself won't deliver perfect security. But using another one time pad is pointless: you would lose exactly as many key bits as you are distributing, while you are only protecting the data for confidentiality, not integrity and authenticity.

So basically you'll probably have to physically distribute the keys. That kind of burden is probably not very useful. Hence we mostly treat the one time pad as a theoretical cipher. One very big reason for this is that - although not proven secure - there are many (stream) ciphers that are thought to be secure. There is simply no need for a one time pad.

So the key management / key distribution is extremely awkward for one-time-pads not just because of the size, but also because anything you do with the key breaks the perfect secrecy you are trying to achieve.

Maarten Bodewes
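
An added example (not part of the answer above) that makes its two points concrete: sending a fresh pad under the existing pad gains no key material, and a one-time pad protects confidentiality only, so a message altered in transit still decrypts without error. The names `Pad`, `rekey_over_network` and `tamper_demo` are hypothetical, the messages are constructed, and `secrets.token_bytes` stands in for a true random source.

```python
import secrets

class Pad:
    """Pre-shared one-time pad: each key byte is used once, then discarded."""
    def __init__(self, material: bytes):
        self._material = bytearray(material)

    def remaining(self) -> int:
        return len(self._material)

    def take(self, n: int) -> bytes:
        if n > len(self._material):
            raise ValueError("pad exhausted: refusing to reuse key bytes")
        chunk = bytes(self._material[:n])
        del self._material[:n]          # consumed bytes are gone for good
        return chunk

    def extend(self, material: bytes) -> None:
        self._material += material

def xor(a: bytes, b: bytes) -> bytes:
    if len(a) != len(b):
        raise ValueError("OTP needs exactly one key byte per data byte")
    return bytes(x ^ y for x, y in zip(a, b))

def rekey_over_network(sender: Pad, receiver: Pad, n: int) -> int:
    """Ship n fresh pad bytes under the old pad; return the receiver's net key gain."""
    before = receiver.remaining()
    fresh = secrets.token_bytes(n)
    ciphertext = xor(fresh, sender.take(n))              # costs n old key bytes
    receiver.extend(xor(ciphertext, receiver.take(n)))   # yields n new key bytes
    sender.extend(fresh)
    return receiver.remaining() - before

def tamper_demo() -> bytes:
    """Bits changed in transit change the plaintext; decryption raises no error."""
    key = secrets.token_bytes(11)
    ciphertext = xor(b"PAY 100 EUR", key)
    # The modification below never touches the key.
    delta = xor(b"PAY 100 EUR", b"PAY 900 EUR")
    return xor(xor(ciphertext, delta), key)

if __name__ == "__main__":
    shared = secrets.token_bytes(64)    # constructed stand-in for a couriered pad
    print("net key gained:", rekey_over_network(Pad(shared), Pad(shared), 32))
    print("receiver reads:", tamper_demo())
```

Detecting the altered message requires a separate authentication mechanism, which consumes key material of its own.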
1

Use a trusted messenger. If possible, transfer the OTP yourself.

Sending OTP keys over the Internet is usually not a very good idea because "the distribution itself won't deliver perfect security" and one must worry about "integrity and authenticity", as Maarten Bodewes has said. Moreover, it is reasonable to assume that using an OTP might attract some eyeballs, automated and otherwise, onto your traffic.

There is another option: steganography. But you are still going to burn a lot of your precious truly-random bits because you do not want to send any of your keys unencrypted.

An advantage of using a trusted messenger that is seldom brought up is how one can limit metacontent (metadata) during key exchange. Look at it as a security question and then a choice: what collection platforms are there likely to be, and does it matter whether I get on them or not?

Create your OTP on an air-gapped device that has never (and cannot) touch the internet or any other device whatsoever, then lose your phone and put the OTP in your future correspondent's hand.

Patriot
-1

Your question is now 4 1/2 years old, and things have moved on for pad distribution (at least in the professional arena). Hobbyists are still stuck with pigeons and USB drives secreted about their bodies, having clandestine meetings and physically exchanging bits.

Professionally, there are an ever-increasing number of quantum key distribution networks (QKDNs) which send the OTP material via laser beams. In essence it happens like the following, with ALICE beaming her true random bits from her TRNG (typically a beam splitter) to BOB:-

[image]

After some processing and validation, BOB and ALICE are both in possession of key material suitable for OTP use. Voilà.

And as for "how do I make sure no one else gets these keys?" It doesn't matter. The distribution of the photonic-based keys is governed by the Observer effect, which means that in an ideal QKDN, if nasty EVE reads the photons, ALICE/BOB will be able to tell as their polarisations will have changed. They then invalidate that particular key transmission and redistribute. There are more nuances to QKDNs than punched paper tape distribution used to have, but essentially the focus of trust shifts from the courier to the QKDN provider.


Image is an extract from a longer answer...

Paul Uszak