Private keys "k" have to remain hidden
I think we should start adopting a specific vocabulary for these things to avoid any confusion. The k value isn't the private key; that is d, and the two are uncorrelated. Unless you mean that it's another private key and r another public key.
So, I repeat: d is your private key and dG your public key, while k is another random number (not a private key with which you can unlock outputs!) and r is another public key (kG).
Why are random "r" values needed in signatures?
Each signature has to have a different r value each time to avoid being one equation away from finding k. Specifically, that is how far away you are if you reuse k and hence r:
k = (z_1 - z_2) * (s_1 - s_2)^-1 mod n
Why is k known if it is calculated as a combination of known and unknown values?
He probably meant if it's generated with a flawed RNG. With RFC-6979 it's generated as you say, but if each time you had to use your RNG to generate another k, it would be a matter of your RNG's strength.
So if we can derive keys in HD wallets, why not derive r values in a similar way with a different derivation path?
Isn't RFC-6979 for this? Each time you sign a new transaction, the k value is a hash of d plus the transaction data, unless I'm missing something. The r value isn't supposed to be generated at all; as said, it's a point on the curve calculated from k times G.
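The recovery formula and the RFC 6979 derivation discussed in this thread, as an added worked example (my code, not something any poster wrote). It is a pure-Python secp256k1 with no dependencies; the helper names (add, mul, sign, verify, rfc6979_k, recover_k, recover_d, demo_nonce_reuse) and the two constructed transaction digests are my own assumptions, not anything from the thread:

```python
import hashlib
import hmac
import secrets

# secp256k1 domain parameters (the curve Bitcoin uses).
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def inv(a, m):
    return pow(a, -1, m)

def add(p, q):
    """Affine point addition; None is the point at infinity."""
    if p is None:
        return q
    if q is None:
        return p
    (x1, y1), (x2, y2) = p, q
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if p == q:
        lam = 3 * x1 * x1 * inv(2 * y1, P) % P
    else:
        lam = (y2 - y1) * inv(x2 - x1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P

def mul(k, p):
    """Double-and-add scalar multiplication (not constant-time; demo only)."""
    r = None
    while k:
        if k & 1:
            r = add(r, p)
        p = add(p, p)
        k >>= 1
    return r

def h(msg):
    """z = SHA-256(msg) as an integer: the 'z' used in the thread."""
    return int.from_bytes(hashlib.sha256(msg).digest(), "big")

def rfc6979_k(d, z):
    """Deterministic k per RFC 6979 section 3.2 (HMAC-SHA256, qlen = 256): k = f(d, H(m))."""
    x = d.to_bytes(32, "big")
    h1 = (z % N).to_bytes(32, "big")  # bits2octets(H(m))
    V, K = b"\x01" * 32, b"\x00" * 32
    K = hmac.new(K, V + b"\x00" + x + h1, hashlib.sha256).digest()
    V = hmac.new(K, V, hashlib.sha256).digest()
    K = hmac.new(K, V + b"\x01" + x + h1, hashlib.sha256).digest()
    V = hmac.new(K, V, hashlib.sha256).digest()
    while True:
        V = hmac.new(K, V, hashlib.sha256).digest()
        k = int.from_bytes(V, "big")
        if 1 <= k < N:
            return k
        K = hmac.new(K, V + b"\x00", hashlib.sha256).digest()
        V = hmac.new(K, V, hashlib.sha256).digest()

def sign(d, z, k):
    """ECDSA: r is the x-coordinate of kG, s = k^-1 (z + r d) mod n."""
    r = mul(k, G)[0] % N
    s = inv(k, N) * (z + r * d) % N
    return r, s

def verify(Q, z, r, s):
    if not (1 <= r < N and 1 <= s < N):
        return False
    w = inv(s, N)
    pt = add(mul(z * w % N, G), mul(r * w % N, Q))
    return pt is not None and pt[0] % N == r

def recover_k(r, z1, s1, z2, s2):
    """k from two signatures sharing r: k = (z1 - z2) (s1 - s2)^-1 mod n.
    Bitcoin's low-s rule may have replaced one s by n - s, so try both signs
    and keep the candidate whose public nonce kG really has x == r."""
    for s2c in (s2, N - s2):
        if (s1 - s2c) % N == 0:
            continue  # z1 == z2: identical messages give no second equation
        k = (z1 - z2) * inv(s1 - s2c, N) % N
        pt = mul(k, G)
        if pt is not None and pt[0] % N == r:
            return k
    return None

def recover_d(r, s, z, k):
    """With k known, one signature gives the private key: d = (s k - z) r^-1 mod n."""
    return (s * k - z) * inv(r, N) % N

def demo_nonce_reuse():
    """Constructed scenario: a flawed RNG hands out the same k for two transactions."""
    d = secrets.randbelow(N - 1) + 1
    k = secrets.randbelow(N - 1) + 1
    z1, z2 = h(b"first tx (constructed)"), h(b"second tx (constructed)")
    r1, s1 = sign(d, z1, k)
    r2, s2 = sign(d, z2, k)
    s2 = min(s2, N - s2)  # second signature normalised to low-s, as a node would
    assert r1 == r2       # reuse is visible on-chain: both signatures carry the same r
    k_rec = recover_k(r1, z1, s1, z2, s2)
    return recover_d(r1, s1, z1, k_rec) == d
```

rfc6979_k shows why no derivation path is needed: with the same d and the same transaction digest you get the same k, and any change to either changes k, so r repeats only if the signed data repeats. If the first signature may also have been low-s normalised, check the recovered d against the public key (mul(d, G) == Q) before trusting it.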