This blog post is very vague, one can understood from it that Microsoft will
not trust any new certificates from these two CAs:
"Microsoft will begin the natural deprecation of WoSign and StartCom
certificates by setting a “NotBefore” date ... Windows 10 will not trust any
new certificates from these CAs after September 2017."
But this probably not the case; I guess the article refer to removal of the old
roots of StartCom and WoSign as they [probably] didn't go through Microsoft
Audit process again (required annually) for these certs . 'Microsoft Trusted
Root Certificate'  isn't open to public comments/review, so we can't really
tell what exactly is that status, probably StartCom and WoSign will file a
request for the new roots to be included.
dev-security-policy mailing list