I have no idea what you're trying to say, there's no IT department managing my laptop and none of the IT departments I've worked in or with "MITM everything." Do you want to try again?

▲

pc86 4 hours ago | parent [-]

On the flip side, every company I've ever worked for has installed trusted company certs on their computers and do MITM everything.

▲

Joker_vD 4 hours ago | parent [-]

Yep. You apparently need HTTPS for intranet resources too, or you can't develop/use web-apps in Chrome, and since no self-respecting CA would certify your localhost, internal homegrown CA it is, baby — and given the web runs on the lovely model "any CA can attest any website; okay, maybe CAA is not a bad idea"...

	▲	NoahZuniga 3 hours ago \| parent [-]
		Even with CAA records, any CA can still create a cert for any website. So if you're worried about an untrustworthy CA, then this won't help you. It could make it less likely for a CA with buggy code to accidentally issue a cert for your domain.