doc: Improve the warning section of the gpg man page.

* doc/gpg.texi: Update return valeu and warning sections.

Signed-off-by: Werner Koch <wk@gnupg.org>

doc/gpg.texi

@@ -3933,20 +3933,26 @@ or "Alpha" but not the string "test".
 @mansect return value
 @chapheading RETURN VALUE
 
-The program returns 0 if everything was fine, 1 if at least
+The program returns 0 if there are no severe errors, 1 if at least a
-a signature was bad, and other error codes for fatal errors.
+signature was bad, and other error codes for fatal errors.
+
+Note that signature verification requires exact knowledge of what has
+been signed and by whom it has beensigned.  Using only the return code
+is thus not an appropriate way to verify a signature by a script.
+Either make proper use or the status codes or use the @command{gpgv}
+tool which has been designed to make signature verification easy for
+scripts.
 
 @mansect warnings
 @chapheading WARNINGS
 
-Use a *good* password for your user account and a *good* passphrase
+Use a good password for your user account and make sure that all
-to protect your secret key. This passphrase is the weakest part of the
+security issues are always fixed on your machine.  Also employ
-whole system. Programs to do dictionary attacks on your secret keyring
+diligent physical protection to your machine.  Consider to use a good
-are very easy to write and so you should protect your "~/.gnupg/"
+passphrase as a last resort protection to your secret key in the case
-directory very well.
+your machine gets stolen.  It is important that your secret key is
-
+never leaked.  Using an easy to carry around token or smartcard with
-Keep in mind that, if this program is used over a network (telnet), it
+the secret key is often a advisable.
-is *very* easy to spy out your passphrase!
 
 If you are going to verify detached signatures, make sure that the
 program knows about it; either give both filenames on the command line