gpg key size of 4096 and “the future is ECC”


My boss wants to sign our binary. I need to tell him how he can create the signing key.

Most if not all sites I have seen about signing binaries say “use gpg”.

OK, so gpg per default has 2048. Their FAQ https://www.gnupg.org/faq/gnupg-faq.html#sec-11-4 has several arguments why 3072 or even 4096 does not offer higher security but “costs a lot” (I assume they refer to computing resources).

Does this still apply 2020? Can I safely recommend to my boss to use 2048 key size?

What puzzles me even more though, is that on their FAQ they say:

Probably not. The future is elliptical-curve cryptography, which will bring a level of safety comparable to RSA-16384. Every minute we spend arguing about whether we should change the defaults to RSA-3072 or more is one minute the shift to ECC is delayed. Frankly, we think ECC is a really good idea and we’d like to see it deployed as soon as humanly possible.

Is it possible to use ECC for signing binaries? Are there any tutorials for that? Or is the current state-of-the-art to still use gpg with 2048 key size?