Endwall 05/10/2019 (Fri) 17:28:17 No.1395 del
Nothing should flow into the encryption station, but I guess you have to get the public keys for your recipients onto the encryption station somehow, so you can make an exception for that, or do it during installation if you have a small consistent set of people that you communicate with. Or just risk bringing in a new public key by floppy disk. It's a very small attack surface.

The point is to assume that the transmission computer can or will get compromised by a keylogger, or by other malware, since it is internet connected, and to shield the messages by encrypting on the air gap.

You might need to jump new public keys onto the encryption station but aside from that nothing comes in, only messages go out on it. With the decryption station nothing comes out, only encrypted messages go in.

1.44MB is enough to have a book's worth of text. That should be enough for passing messages.
The King James bible is 4.3MB uncompressed 1.3MB compressed with gzip. So 2 floppy disks should be sufficient to shuttle messages back and forth for a couple of years.

If both message counter-parties did this protocol, it would be pretty secure. If your messages were leaked at that point and you discovered it by some means, you could safely assume that the person that you are communicating with is a rat,snitch,traitor, etc., who forwarded the decrypts along to your adversaries / enemies.

Its not unbeatable, for instance someone could install a camera in your room...and point it at your decrypt / encrypt station monitors,or keyboard, or have switched your keyboard for your encrypt station with a keyboard with RF signalling by physical access, which is why physical security is also important.