Recent SolarWinds breach was a stark reminder of the importance of stopping malicious tampering and maximizing trust. The National Institute of Standards and Technology (NIST) issued updated recommendations for key management in NIST SP 800-57. The shorter the key length, the less resistant it will be to cryptographic attacks. Microsoft has also announced that it will no longer trust 2048-bit RSA root certificates after 2030. The company now requires all new root keys for code signing and time stamping to use.
Source: https://www.helpnetsecurity.com/2021/06/07/code-signing-baseline-requirements/