Michael,

>I don't know if I am reading this wrong but thia artilcle:
>
> http://blogs.technet.com/b/pki/archi...on-policy.aspx
>
> Under the Code Signing Certificates section, I think it is saying that
> if the code is signed with SHA-1 and has a timestamp before January 1,
> 2016 it will be OK until January 14, 2020.

Yes, if you have timestamped the files with a RFC 3161 compliant trusted
time stamp servers. But you need a very specific Authenticode signing tool
and Windows 7 SP1+ (better Windows 8 or later) to support RFC 3161. IMO,
99% of all developers have used the "standard" Microsoft Authenticode
compatible time stamp :-) As a result, the signature becomes invalid on
January 02, 2016.

Friedrich