In a previous post, Microsoft announced that all driver and system submission packages submitted to the Windows Hardware Developer Center Dashboard Portal must be signed with an Extended Validation (EV) certificate. As part of this announcement, the Windows Hardware Developer Center Dashboard portal was to introduce a per-submission check to validate that every driver and system submission was signed with an EV certificate, and any submission that was not signed with an EV certificate would be declined.
Recent partner feedback has made it clear that the enforcement of this requirement would place an undue burden on current ecosystem business practices. Therefore, the Dashboard portal will not require that every driver and system submission be signed with an individual EV certificate. There will be no per-submission check for an EV certificate signature.
Microsoft is serious about end-user security and takes necessary steps to protect our customers from malicious driver code. The EV certificate requirement was introduced to help ensure the identity and ownership of every submission to the Dashboard portal and to enforce a higher level of accountability and security to protect our customers from potentially-malicious driver code.
Dashboard portal accounts will continue to require partners to authenticate proper identity upon creation of their account by using an EV certificate. Microsoft strongly believes in the value of signing each driver and system submission with an EV certificate and encourages partners to continue signing their driver and system portal submissions using their EV certificate.