As has been noted, DSS requires that the keys be a multiple of 64.
According to M,Vo,&V (section 11.58, p453), DSA requires this too. It says,
"...the size of p can be any multiple of 64 bits between 512 and 1024 bits
inclusive." They are apparently quoting FIPS 186 on this. I know that
Schneier also says something similar.

I think it's tacit that DSA keys need to be multiples of 64 bits. I'm
willing to explicitly say this in the next revision. It is, of course,
polite for an implementation to permit odd-size keys, but an implementation
is permitted to reject this.

I don't see any reason to restrict the key sizes on Elgamal or RSA keys.
And as the owner of a 1723 bit RSA key, I'm against it.

Jon