<font size=2 face="sans-serif">Hi - </font>
<br>
<br><font size=2 face="sans-serif">This is a bit of a stupid question,
I'm afraid...</font>
<br>
<br><font size=2 face="sans-serif">I'm adding a quick check that the DNSKEY
records generated by ODS are of the correct algorithm and key length. This
is OK for RSA keys - we extract the modulus from the RDATA field, and take
the length of that (defined in RFC 3110). However, I can't seem to find
a definition of key length for DSA keys. Perl's Net::DNS::SEC module seems
to return the T value, which can vary from 0 to 8, but this doesn't seem
right.</font>
<br>
<br><font size=2 face="sans-serif">I know that the DSA length must depend
on the T value, but I can't find a specification for the relationship.</font>
<br>
<br><font size=2 face="sans-serif">Can somebody please take pity on me,
and point me in the right direction for a specification of how to derive
the key length of a DNSKEY-encoded DSA key?</font>
<br>
<br><font size=2 face="sans-serif">Thanks!</font>
<br>
<br>
<br><font size=2 face="sans-serif">Alex.</font>