Yeah, that's not even the hard part for the average user...
How could (should?) they use these things securely? You need to trust the hardware that's handling the keys too.
I can't escape the need for something like a no-closed-blobs dongle that /only/ does digital wallet stuff (and maybe storing files) which MUST have at least a method for the user to read the text of what they're signing, and if it has that use that to also control the 'presentation mode' of that device to the attached system.
How could (should?) they use these things securely? You need to trust the hardware that's handling the keys too.
I can't escape the need for something like a no-closed-blobs dongle that /only/ does digital wallet stuff (and maybe storing files) which MUST have at least a method for the user to read the text of what they're signing, and if it has that use that to also control the 'presentation mode' of that device to the attached system.