[echoangle]

Yes, but normally this is done by making your own CA and installing it into your client devices, not by getting it into every device globally by working with Microsoft.

[hulitu]

> Yes, but normally this is done by making your own CA and installing it into your client devices, not by getting it into every device globally by working with Microsoft.

Google, Facebook, Microsoft, Apple, Cloudfare, Godaddy, Lets encrypt. They all "work with Microsoft".

[echoangle]

Does any employer get a certificate from any of the CAs you listed to MITM their internal networks?

[3np]

The listed companies are employers. I think they all have self-managed CAs.

[echoangle]

Yes, but surely the listed companies don't use their public and globally trusted CAs to MITM their internal networks. I hope they have another internal CA to allow them to MITM their internal Network.