Which of the following is the MOST significant flaw in Pretty Good Privacy (PGP) authentication?

Which of the following is the MOST significant flaw in Pretty Good Privacy (PGP) authentication?

A.
Weak encryption can be easily broken

B.
It is subject to a man-in-the-middle attack

C.
Privatekeys can be compromised.

D.
A user must trust the public key that is received