I have a question:
Tor Browser Bundle - Firefox ESR 17.0.9 (LATEST TOR)
Compared to: Iceweasel 17.0.9 (LATEST TAILS Linux distribution)
To be found in Tails (not found in TBB), some additional certificates:
DigiCert Inc -> DigiCert High Assurance EV CA-1
DigiCert Inc -> DigiCert High Assurance CA3
GeoTrust Inc. -> Google Internet Authority G2
StartCom Ltd. -> StartCom Class 2 Primary Intermediate Server CA
The Go Daddy Group, Inc -> Go Daddy Secure Certification Authority
The USERTRUST Network -> Gandi Standard SSL CA
All these are listed as "Software Security Device" certificaties.
The others are "Builtin Object Token" and baked in the browser.
Mozilla's documentation explains about "Software Security Devices":
"Software Security Device stores your certificates and keys that aren't stored on external security devices, including any CA certificates that you may have installed in addition to those that come with the browser. "
https://www.mozilla.org/projects/security/pki/psm/help_21/using_certs_help.html
Question is: did TAILS added some extra CA's ?