If anyone out there is still using DSA, they need to be punished for negligence.
Finally! I wish OpenSSH also plan making RSA optional at build time, and set a timeline for removal shifted 1 or 2 years after DSA.
We are also likely to start exploring a post-quantum signature algorithm soon and are mindful of the overall size and complexity of the key/signature code.
That’s great news, if OpenSSH contributors commit to adding post-quantum cryptography, it’s bigger news than DSA removal.
The problem seems to be finding a post-quantum algorithm that doesn’t get obliterated by pre-quantum computers like what happened to SIKE:
https://m-cacm.acm.org/news/269080-nist-post-quantum-cryptography-candidate-cracked/fulltext
That’s doable for the server - but an OpenSSH client without RSA support will be useless for the next one or two decades, assuming the various appliance and cloud vendors react faster than they usually do.