Old Androids and other systems where you don't get to update your root CAs mean that you can never add new CAs because too few devices trust them, or enfore new TLS versions because you have to assume that too many people use very old devices, maybe, I don't know, I'm not an expert, if someone can explain what really is at stake here.
rpigab|1 year ago