You can add a root CA to both linux and os x. No problems. Though on an iPhone you'll have to jailbreak it first...so I guess apple didn't think of that, or they don't care.
No, you don't. Installing a root ca an iOS device is as easy as sending it via mail to the device and then clicking on it (with a few more clicks to confirm).
edit (because I can't reply): It does show a big warning and you have to enter the device unlock code to do this, so it should be reasonably safe.
It is necessary — some places have custom non-public CA's, for things like S/MIME and internal servers.
On the other hand, I'm pretty sure Siri doesn't have to communicate with your company's internal servers (and my paranoia already suggests a malicious IT department, reckless — and probably illegal — as that would be), so the code should, in my opinion, accept only specific CAs.
edit (because I can't reply): It does show a big warning and you have to enter the device unlock code to do this, so it should be reasonably safe.