Comment 1 for bug 1651451

This of course means that even if I wanted to work around bug 1647285 (where apps using NSS don't honour the system SSL trust settings) by manually adding the company certs to /etc/pki/nssdb, applications can't even use *that*...