Does this mean that users will no longer be able to MITM most apps on their own phone by installing a custom cert and proxying all requests through another machine?<p><i>User-added CAs<p>Protection of all application data is a key goal of the Android application sandbox. Android Nougat changes how applications interact with user- and admin-supplied CAs. By default, apps that target API level 24 will—by design—not honor such CAs unless the app explicitly opts in. This safe-by-default setting reduces application attack surface and encourages consistent handling of network and file-based application data.</i>