When distributing binary and source code versions of Firefox, Thunderbird, andother Mozilla-related software products, Mozilla includes with such softwarea set of X.509v3 root certificates from various CertificationAuthority (CA) operators. The included certificates have their "trust bits"set for various purposes, so that the software in question can use the CAcertificates to anchor a chain of trust for certificates used by TLS serversand S/MIME email users without having to ask users for further permission orinformation.