Confirm, administrator
5,526
edits
Changes
m
→How To Override Default Root Certificate Settings
See the [[CA:Root_Change_Process|Root Change Process]] if you are looking for instructions for changing default root certificates in Mozilla products.
When distributing binary and source code versions of Firefox, Thunderbird, and other Mozilla-related software products the , Mozilla Foundation and its wholly-owned subsidiary the Mozilla Corporation may include with such software a default set of X.509v3 certificates for various [[CA:FAQ#What_are_CAs.3F | Certification Authorities (CAs)]]. The certificates included by default have their "trust bits" set for various purposes, so that the software in question can use the CA certificates to verify certificates for SSL servers, S/MIME email users, and digitally-signed code objects without having to ask users for further permission or information.
CAs apply to have their root certificates [http://www.mozilla.org/projects/security/certs/included/ included by default in Mozilla products] by following the [http://www.mozilla.org/projects/security/certs/policy/ Mozilla CA Certificate Policy] and applying for inclusion as per [[CA:How_to_apply|CA:How_to_apply]].
