key generation: paranoia mode - explicit random input

[Michael Anders]

The discussion on what to do in a "partially compromized" system is IMHO
irrelevant.
If a private key has been accessed on a system some adversary might have
had a chance to tamper with(e.g. with the PRNG or generally if it is an
NSA friendly OS connected to the web ;-) , there could have been a
keylogger in place and security of the key is gone.
If you consider the NSA to be a benevolent organization, you might make
a distinction between security against criminals and security against
the NSA, but that is politics and not cryptography.

Cheers,
   Michael Anders