For my professional obligations (working with the DDTC's D-Trade system), I secured a Digital ID from IdenTrust.
I installed the certificate on my x64 workstations. I exported the Digital Certificate to a PFX and imported it into my Sprint SGSIII (d2spr - a SPH-L710). I am running an AOSP based ROM on the device - SlimKat which is a kitkat build.
Upon importing the certificate, I received a notification as depicted in this image:
I am not interested in letting the CA see all of my network activity, as some of it is not for public consumption (especially given that I am a Gov't Contractor working on some sensitive programs).
My question is this: Is the warning that the OS tossed a warning that is possibly too generic in nature and that the CA really can't monitor all of my network activity, or is there truly a risk of the CA being able to sniff the network activity?
Please advise. Thank you, in advance.