Add support for DSA/SHA1 (RFC 2536) #50

@gnarea

An error will be thrown during verification if DSA/SHA1 is used, as we're not currently implementing this algorithm because:

  1. It uses SHA-1 and DSA with 1024-bit keys, both of which are grossly insecure.
  2. No TLD uses this algorithm as of November 2022 (curl -s http://www.internic.net/domain/root.zone | awk '$4 == "DS" { print $6}' | sort -n | uniq -c).
  3. Given our current time constraints and the issues above, we can't justify implementing this feature now.

Having said this, we'd welcome a PR to add support for this algorithm as specified in RFC 2536.
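
An added example, not part of the original issue or the project's code: a more defensive form of the DS tally in point 2 that finds the record type even when TTL or class is omitted and labels each algorithm number with its IANA mnemonic (algorithm 3 is DSA/SHA1). The function names and the sample records are constructed for illustration; it assumes one record per line, an owner name on every line, and numeric TTLs.

```shell
#!/bin/sh
# Constructed sample records (not real root-zone data).
sample_zone() {
  cat <<'EOF'
; constructed sample
alpha.   86400 IN DS    11111 8 2 AAAA
alpha.   86400 IN RRSIG DS 8 1 86400 20221201000000 20221118000000 12345 . c2ln
bravo.   86400 IN DS    22222 13 2 BBBB
bravo.   86400 IN NS    ns1.example.
charlie. IN DS 33333 8 2 CCCC
delta.   DS 44444 3 1 DDDD
EOF
}

# Read zone-file text on stdin; print "<count> <algorithm> <mnemonic>" per
# DS algorithm, sorted by algorithm number.
ds_algorithm_tally() {
  awk '
    BEGIN {
      # IANA DNSSEC algorithm numbers and their mnemonics.
      n[1]="RSAMD5"; n[3]="DSA"; n[5]="RSASHA1"; n[6]="DSA-NSEC3-SHA1"
      n[7]="RSASHA1-NSEC3-SHA1"; n[8]="RSASHA256"; n[10]="RSASHA512"
      n[12]="ECC-GOST"; n[13]="ECDSAP256SHA256"; n[14]="ECDSAP384SHA384"
      n[15]="ED25519"; n[16]="ED448"
    }
    /^[ \t]*;/ || NF == 0 { next }   # skip comments and blank lines
    {
      # Skip the optional TTL and class after the owner name, so the record
      # type is found wherever it sits; an RRSIG that covers DS is not counted.
      i = 2
      while (i <= NF && ($i ~ /^[0-9]+$/ || toupper($i) ~ /^(IN|CH|HS)$/)) i++
      if ($i == "DS" && i + 2 <= NF) count[$(i + 2)]++
    }
    END {
      for (a in count)
        printf "%d %d %s\n", count[a], a, ((a in n) ? n[a] : "OTHER")
    }
  ' | sort -k2,2n
}

# Exit status 0 if any DS record uses algorithm 3 (DSA/SHA1, RFC 2536).
uses_dsa_sha1() {
  ds_algorithm_tally | awk '$2 == 3 { found = 1 } END { exit !found }'
}

sample_zone | ds_algorithm_tally
```

To run it against real data, pipe the zone file into `ds_algorithm_tally` in place of `sample_zone`.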
