[fauigerzigerk]

The whole point of e2e encryption is to make it impossible for anyone other than the intended recipients to access the information. So conceptually, the ends of e2e are people, not devices.

I think the parent has a valid point in that terminating the encrypted channel at the device level leaves a pretty gaping hole in the not so rare event that people are forced to use employer provided devices at least some of the time.

There's a reverse issue as well though. It may well be the intention of employers (or even a legal requirement) to stop employees from syphoning off company data through some encrypted channel that IT has no control over.

So in some cases the assumption you're making that device = user may be an unavoidable compromise.