Just guessing, but owning a code-signing certificate is probably not going to be enough. Probably device drivers will need to be signed by Microsoft issued certificates.
For example, Crypto Service Providers already need to be signed by Microsoft. Not that MS seem to do any decent testing of the CSP before approving it.
Verizon or VeriSign?