[dredmorbius]

Adding (or removing) CAs is a fully legitimate activity.

Your own site, work, or vendor / client sites could be added.

Or you could want to remove a Comodo (or Honest Achmed's Used Cars and Certificates).

http://www.livehacking.com/2011/04/25/honest-achmeds-used-ca...

https://bugzilla.mozilla.org/show_bug.cgi?id=647959

Just because your OS / browser vendor "trusts" a cert doesn't mean you should.

[userbinator]

Just because your OS / browser vendor "trusts" a cert doesn't mean you should.

In other words, users should always have the right to control who they (indirectly) trust. That's what the comment above is referring to - it will be even worse if Superfish is used as an excuse to take away this right.

[dredmorbius]

Quite right.