Technologically, it's a terrible idea. The client software and the end user no longer have any ability to inspect the actual certificates used for an HTTPS connection. From the client's perspective, all HTTPS connections are really with the MITM device and use the same cert chain.
That is completely incorrect.
The MITM mechanism is the company creating an internal CA (which they and ONLY they control), and installing it as trusted on your workstation. SSL certs are still validated, it's just that your employer can generate legitimately* signed certificates for any website on demand.
So, no revoking CAs that are compromised.
Again, that's not really true. A proper SSL proxy is gonna reject a bad SSL connection if the cert was revoked, or the timestamp is wrong, or the CA isn't trusted.
No using non-default root CAs.
It's your employer's machine; I'd say he has the greater right to decide which SSL certs are and are not trusted. If you need to connect to the DoD, your employer almost certainly knows about it, and if he doesn't, you should probably let him know.
90% of your objections are basically that a dedicated IT team is writing the security policy (what crypto algos to use, what CAs to trust, etc) rather than you getting a say in it. Guess what: that's not your job, and the employer has every right to enforce the security policy of his choosing. It may even be a legal requirement for him to do so.
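Added example, not from this thread: a Go program that models the mechanism the reply describes. A constructed internal CA (the name is hypothetical) issues a certificate for an arbitrary hostname; the leaf verifies only on a client whose root store contains that CA, and even that client rejects it once the validity period has passed.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"math/big"
	"time"
)

// issue signs tmpl with parent/parentKey; when parent is nil the cert is self-signed.
func issue(tmpl, parent *x509.Certificate, parentKey *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey) {
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if parent == nil {
		parent, parentKey = tmpl, key
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, parentKey)
	if err != nil {
		panic(err)
	}
	cert, _ := x509.ParseCertificate(der)
	return cert, key
}

// InterceptionDemo builds a constructed internal CA, issues a leaf for host on demand, and reports
// whether it verifies on a client trusting that CA, on one that does not, and on the former after expiry.
func InterceptionDemo(host string, now time.Time) (corpTrusts, outsiderTrusts, afterExpiry bool) {
	caTmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "Corp Inspection CA (constructed)"},
		NotBefore: now.Add(-time.Hour), NotAfter: now.Add(24 * time.Hour),
		IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign,
	}
	ca, caKey := issue(caTmpl, nil, nil)
	leafTmpl := &x509.Certificate{
		SerialNumber: big.NewInt(2), Subject: pkix.Name{CommonName: host}, DNSNames: []string{host},
		NotBefore: now.Add(-time.Hour), NotAfter: now.Add(time.Hour),
		KeyUsage: x509.KeyUsageDigitalSignature, ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}
	leaf, _ := issue(leafTmpl, ca, caKey)
	corpRoots := x509.NewCertPool() // the managed workstation: internal CA installed as trusted
	corpRoots.AddCert(ca)
	emptyRoots := x509.NewCertPool() // a machine where the internal CA was never installed
	verify := func(roots *x509.CertPool, at time.Time) bool {
		_, err := leaf.Verify(x509.VerifyOptions{DNSName: host, Roots: roots, CurrentTime: at})
		return err == nil
	}
	return verify(corpRoots, now), verify(emptyRoots, now), verify(corpRoots, now.Add(2*time.Hour))
}
```

The outsider and expiry cases fail with an unknown-authority and an expired-certificate error respectively, which is the validation the reply says a proper proxy client still performs.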