In message <rmi64t2zb30.fsf@fnord.ir.bbn.com>, Greg Troxel writes:
>  I was under the impression that DSA keys were only 1k long, by design. 
>
>One can do dsa-like schemes, but DSA itself is fixed at 1K.  OpenSSH
>may have extended it - that's a very good question.

The odds are very high that NIST will be revising DSA soon.  DSA is 
tied to SHA-1, which is threatened.  I'll be at the NIST hash function 
workshop at the end of October; I may know more after that.
>
>  This of course makes them rather useless as time goes by.
>
>Yes, with enough time, but DSA is based on discrete log, not
>factoring, so attacks against RSA don't necessarily apply.
>
The two are mathematically linked...

		--Steven M. Bellovin, http://www.cs.columbia.edu/~smb