Also, Microsoft is working on a code signing service called Azure Code Signing where Microsoft issues and manages the certificate and keys and you simply upload binaries/app packages to Azure which does the signing.
That sounds like abuse of a monopoly position to me. They keep the horrendous status quo as bad as possible so their new product looks good by comparison.
As far as I can tell, the video is the only public information on the non-GA service: https://youtu.be/Wi-4WdpKm5E?t=529