Again, asking businesses to manage keys for their members lowers the bar. In a work context, the whole censor-ship resistance thing doesn't even matter. If you get fired, you're censored and obviously should be.

Ok, so I get it conceptually but how will it actually work do you think? IT team provisions the keys and gives out... ? Usernames and passwords? Bunker URLs? Java cards? Ideally in a way that both - allows use of all the apps in the ecosystem, and - passes user acceptance test. Your thoughts?