When you read gov or NIST recommendation you need to take into account the fact that they need to keep the current signatures to be still cryptographically strong in 10 years or so. Hence they need to move to anything stronger much sooner than general population (or Debian).