It states something about "your organisation's security requirements". Do they document what requirements cause this rejection page? Some kind of changed default perhaps?

No, this is easily the biggest flaw in CAA - there is no way to discover which policy broke your access. I have reported this to Google multiple times, even sent this directly to a Google SecEng (a well-known one) to route internally. The issue persists and makes configuring CAA extremely painful and error-prone.

Maybe not, but I have the feeling Google doesn't like that FF continues to support manifest v2.

I think it's just that some of the device policy restrictions the Org admin can choose to enable don't work in FF. So if they require them, no FF.