I'm removing the duplicate status: bug 118593 is about loading xmlsecurity at startup even when not needed, whereas this one is a concern about what xmlsecurity does to access Firefox's certificates DB.
I'm not a security expert but this looks like a valid concern to me, especially since LibreOffice requests write mode to cert8.db and key3.db. Is this really needed? Is there a design doc that explains why?