Thanks for kind wishes. That’s correct, NativeConnect uses Private API, similarly to Fastlane and all other tools for ASO. Let’s hope for the next WWDC, maybe Apple makes them public.
As far as I remember, TestFlight in 2010 used both yours and their own enterprise certificate to sign apps with Apple and distribute them for public. Not sure however, sorry
That's not correct; they used ad hoc signing. They collected UDIDs with a configuration profile served over the web. I think enterprise was also an option, but it wasn't the only one – most organisations used ad hoc.
As far as I remember, TestFlight in 2010 used both yours and their own enterprise certificate to sign apps with Apple and distribute them for public. Not sure however, sorry