Hi,
We have a driver file that is signed with SHA-1 cert (expires 08/20/2021) and cross-signed with a Digicert certificate (expired 04/15/2021). The signature was applied after the cross-cert expiry date.
The driver cert chain is linked to Microsoft Code Verification Root cert through the cross-signing cert in between (screen-shot below).

This driver installs and loads successfully on Windows 7.
Is it safe to publish this driver to our users even though it was signed with an expired cross-signing cert?Will this driver remain valid forever?Can this cross-signing cert be used until 08/20/2021 (expiration of parent sha-1 cert)?
Thank you
Ravi