Who gives Firefox trustworthy advice? You can change that set of advisors.
All content from a web site that advertises itself as secure has to be checked. Secure content must be accompanied by a digital signature and by a certificate that says whom the digital signature belongs to. The certificate must originate from a Certificate Authority (an organization) that Firefox knows. This hack explains how to change the certificates and Certificate Authorities (CAs) that Firefox knows about.
The Firefox Options dialog box lets you manage digital certificates. Click the Advanced icon to display that panel, expand the Certificates item, and click the Manage Certificates... button. Figure 2-3 shows that window, with the fourth tab in front.
Figure 2-3. Default certificate authority certificates in Firefox
If you click on any of the rows labeled Builtin Object Token, you can then examine the certificate by pressing the View button or limit its use via the Edit button. All of the certificates listed are bundled with the standard Firefox install. There's little reason to delete them, but you can if you want. If you do so, that will restrict the number of secure web sites that Firefox can successfully visit.
You can also list these certificates from outside Firefox. Copy these files from the current Firefox profile ...