I had some trouble getting the BlackBerry Browser to connect via our MDS to an HTTPS site, which might be due to us only allowing HTTP through the MDS; we supply neither the BlackBerry Internet Browser on the handheld devices, nor do we allow direct TCP connections, mainly because the 8707v doesn't support direct TCP connections. On the device itself, the TLS settings showed I found a hint to the problem but no real description. In spite of the clear warning
This configuration also includes a security gap. Triple DES-encrypted HTTPS requests from the device are decrypted at the BlackBerry Enterprise Server, passed unencrypted to the Mobile Data Service, and HTTPS-encrypted before they are sent to the origin server
I changed the settings to use the MDS proxy; the security implications are clear to me, and I'm confident we can live with them. and the BlackBerry Browser can now access secured sites.