Meh. RSA is only used to sign things in SSH and the keys used are generated in a conventional way and with the parameters you'd be told to pick (e.g. exponent 65537)
I'd say at this point the risk of silly goofs in the curve code is similar to the risk from RSA given how well understood it is.
I'd say at this point the risk of silly goofs in the curve code is similar to the risk from RSA given how well understood it is.