I understand the motivation for moving the keys away, but it is not that clear to me how to prevent the device that is doing the signing from being fooled into signing something that it shouldn't.