>From a purely security best practice (not necessarily Aruba), it's a good
idea to maintain a complete trust boundary for BYODs. If you issue certs
from your internal CA to your BYODs, you could inadvertently grant access to
other services who are doing a basic client certificate check.
We can add it to the list. Can't give an ETA right now though.