Props to Microsoft, who have literally made "not randomly force-installing shit on your corporate computers from the app store" a way to extort businesses into signing an Enterprise agreement.
NGOs have no reason to be MITM'ing their volunteers or employees. Custom root CA support is needed purely for nefarious corporate asset-control/employee-policing purposes.
-
-
FWIW I define BYOD largely by whether it necessitates "device management" backdoors & policies that compromise personal privacy to corporate IT and demand right to wipe disks.
-
If you can use a personally-owned device without those considerations, it's largely outside the scope of what I'd call BYOD (but probably an awful idea for the company).
End of conversation
New conversation -
-
-
Uh... no? PKI has pretty extensive theoretical uses, it's just most people don't bother because of complexity. Sure, I'm somewhat eccentric for having a 'personal CA' for my private network, but I've seen at least 2 NGOs use their own CA/PKI for internal authentication purposes.
-
A "personal CA" or "company CA" is fine if it's only authorized to sign for domains you own. It's not ok if it's a root CA and can sign for arbitrary domains.
-
Tweet unavailable
-
Fair point.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.