Yes. There are many users of 360 browser in China. If you do not join the 360 browser root certificate program, you may not be trusted by 360 browser in the future.
That for any root CA certificate to be include in 360 root store, the expiration date at the date of submission must be more than 8 years.
DST root CA x3 ruled out by this, as it expires on 2021. 9. 30. so we have to use ISRG intermediate to have any chance. but we only can provide single chain for it. but old android versions (before 7.1.1) won't trust ISRG root x1 so.. it's one or else situation.
P.S : can WE cross sign DST root X3 and include it as single chain? (ISRG root -> DST root -> LE x3 -> leaf)
hmmmmmmmm.
Does this means it will fall back to OS trust store, or it will semi-trust all certificate?
Hopefully first one, but they are the guys behind Wosign (now changed its name to wotrust), so…
From the webpage and my friends, the browser will fall back to OS certificate store and give the second padlock.
I do also realize that some CA included in the program are not yet in Windows / Mozilla / Apple's trust store (or still in progress). Not sure how that CA progressed that fast in this program. (But it's up to the company)