My understandkng is that it is generally not advisable to download any files on tails as they may contain malware, e.g. from potential bad actors such as hackers/alphabet agencies/LE, or they could compromise security. Even on trusted sites, there is the risk of hacking, LE takeover, or MITM attacks.
(Please correct me if my understanding is incorrect or incomplete)
However, some sites don’t offer their pgp key in text form @ /pgp.txt, instead offering a download such as a “PGP/MIME-encrypted message header” file.
Is it safe to download these files?
Is there any risk of these files containing malware or compromising security?
Is there anything that can be done to minimise these risks if so?
Is there any difference in advice if downloading it from a clear-net site vs darknet site, (e.g. increased risk of MITM attack)?