I haven't allowed anything shorter than 2048 bits to be generated in our shop in a couple of years. It's not hard -- just specify the number when making the key.
How tough is that? WTF?
Some shops have development tools that are more than just a couple of years old.
Dunno how many bits those dlls were signed with, but I’d expect good FR SA folks might want to inventory their legacy software artifacts post haste.
I remember when people who used 1024-bit keys were considered hopelessly paranoid. In real life it really wasn't all that long ago. In internet time, it was ages of course. I wouldn't be surprised at all by legacy installations that still had smaller keys. It still takes quite a bit of computational power to crack 768-bit keys. I don't believe even 512-bit keys can be cracked in anything approaching real-time, though they are within easy reach of someone with a bit of spare change, time, and a high-value target. Marking 768-bit keys as completely invalid is a bit excessive IMO. A warning for small keys would be sufficient for most of the few remaining organizations using them to have incentive to update to more secure keys.