It is these that the browser presents to the server when the server asks.
Is that really the case? My understanding was that those certificates are the ones that the browser accepts as certificates that are valid for signing *server* certificates. In other words, as long as the server certificate is signed with one of the certificates stored in the browser, it is accepted.
Furthermore, I thought that generally the browser does not authenticate itself to the server, since most people do not have a personal certificate installed in their browser anyway ... ?