Thanks, all, for the review; I greatly appreciate it.
The overall system will be online, and on the net, generating keys 24x7. I can
follow best practices to firewall the network, and physical access by an
adversary is impossible (I now this is a strong statement, but it *is* outside
of my threat model). The keygen machines would periodically grab some entropy
over the local net and mix it into their own; this is to help reduce costs of
requiring custom hardware everywhere. The idea for outside entropy is to have
an auditable (evidentiary) event that adds to the strength of the generated
keys.
Thanks again for (continued) commentary.
/r$
