One more comment, if I may.
- Or does it mean that MSFT will itself put an authenticity signature for my corporation based on the account details?
This actually describes the OLD process. Your certificate from your certificate authority is the CA saying “I trust these people.” The cross-certificate is Microsoft saying “I trust this CA”. The Microsoft signature says “I trust this cross-certificate”, and that’s what the system looks for.
With the WHQL process, Microsoft just puts their own certificate on your driver. They are authenticating the driver, NOT your certificate. Indeed, you don’t actually need to sign a driver package before you submit it to the Hardware Dev Center. They’ll put their own on it.