
IMHO there's a huge gap between "trust this Dell hardware not to contain hardware implants" vs "trust Cloudflare WARP to MITM every SSL connection I make"


The conflation between "Zero Trust" and "Zero Trust implemented with third-party infrastructure" is unfortunate - I think it's reasonable to feel uncomfortable with a third party being in a hyper-privileged position to effectively assert access to your infrastructure, but that's not inherent to Zero Trust and we shouldn't frame the conversation in such a way that assumes that it is.


Ha, MITM SSL... My pet peeve is CrowdStrike having a root/admin RCE backdoor on every server/client OS. Talk about trust.


That’s orthogonal to zero trust, however, and either way it’s still relative: if you have a policy requiring traffic inspection it’s not unreasonable to think that Cloudflare is going to be safer than some random box in the basement run by the average enterprise network team.


How so? Do you mean because a hardware mod would be physically detectable, maybe?



