As set out in the Baseline Requirements for the Issuance and Management of Publicly-Trusted Code Signing Certificates released by the CAB Forum, from 1 June 2021 RSA keys for code signing certificates will need to have a minimum size of 3072 bits.
All signatures added to a certificate issued before 1 June 2021, and therefore with a size of 2048 bits, will still continue to work.
As a Certification Authority, we remind certificate applicants that they need to generate their own key pair on a cryptographic hardware device (smart card, USB token, etc.), compliant with the security requirements stipulated in the CPS.
For further information and insights on best practices recommended for storing private keys for Code Signing Certificates, please read the details carefully.