This question about the DSA is really just one about the source of the
random numbers. Same question comes up in generating DES keys for use
with RSA, or in generating RSA keys. Either they are being cooked up
with some ulterior motive or they're not. Either way, these are issues
that potential customers need to have addressed by their *suppliers*.
Not by the PEM standards folks.
If this really is a question about random number sources...
I also have serious misgivings about the way random numbers are generated by
all the implementations (both PEM and non-PEM) I have seen this far. However,
this is definitely an implementation issue, not a standards issue.
Ned