The document you quote is specifically about allowing access to web sites. It doesn't seem to me to imply that custom protocols were included in the trust mechanism. I remember people used to do nasty tricks with javascript: protocols, and perhaps Adobe just took the view it was safest to block them all, as the average user (or administrator) may not be able to foresee all of the consequences of attackers using protocols.
↧