This blog post is very vague, one can understood from it that Microsoft will not trust any new certificates from these two CAs:
"Microsoft will begin the natural deprecation of WoSign and StartCom certificates by setting a “NotBefore” date ... Windows 10 will not trust any new certificates from these CAs after September 2017." But this probably not the case; I guess the article refer to removal of the old roots of StartCom and WoSign as they [probably] didn't go through Microsoft Audit process again (required annually) for these certs [1]. 'Microsoft Trusted Root Certificate' [2] isn't open to public comments/review, so we can't really tell what exactly is that status, probably StartCom and WoSign will file a request for the new roots to be included. Links: 1. http://aka.ms/auditreqs 2. https://technet.microsoft.com/en-us/library/cc751157.aspx _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy