The following is what I got so far. I never used Bitcoin. So correct me, if something is wrong please.
1: Create a seed phrase with dices
2: Write it down on paper or carve it into metal
3: Buy a hardware wallet with no internet connectivity.
4: Never connect that wallet to any other device.
5: Type the seed phrase into the hardware wallet
6: The hardware wallet will display an extended public key
7: Install a software wallet on a computer with internet access
8: Type the extended public key into the software wallet
9: To do transactions: Create a transaction in the software wallet
10: The software wallet will show a hash of the transaction
11: Type that hash into the hardware wallet
12: The hardware wallet will show a signature
13: Type that signature into the software wallet
As I understand it, there still is trust involved in steps 3 and steps 6:
3: There is not an easy way to check if the hardware wallet really has no internet connectivity.
6: There is no way to check if the hardware wallet really uses the seed phrase to create the extended public key. It could create an extended public key that the vendor can predict. One could test it a few times with throw-away seed phrases, but one would never be 100% sure.