Mozilla ships with a root certificate, and they don't know who has the private key portion. Therefore, some rogue could be signing SSL certificates, executing man-in-the-middle attacks, or something else. These rogue certificates would be trusted automatically by Mozilla browsers.