Apple+iOS/macOS can do it because they have end-to-end control of the whole stack, right down to secure hardware key storage *including hardware manufacturing*.
Android phones also could, if they were motivated to. But any PC running Windows or Linux, and probably also Chromebooks, literally don’t have a way to securely distribute such a private key.
🤷 as such, this doesn’t seem worrisome, rather someone’s academic plaything.
@borland @thomasfuchs I'm guessing they essentially want to provide a web API for the attestation MDM solutions provide on the device. Don't know how they technically manage the keys, though.