
The main source code for DSA is here

https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/ss...

You can see that the team did a big refactor of key handling about 14 months ago that required multiple rounds of changes to the DSA code.

That's the sort of cost that legacy code brings - it's not about making changes to the DSA feature, it's about the cost of maintaining the DSA code when you make changes across the codebase.

In the original mail, DJM mentions that they'd like to explore a post-quantum signature algorithm. Adding that to the codebase is likely to require some broad changes to key management, and that will be less work if there are fewer supported key types.



