Compromising the customer computer, including by putting in a destructive root certification in the system or browser have confidence in store. SSL/TLS is particularly suited for HTTP, as it can provide some security regardless of whether only one side of your conversation is authenticated. This can be the circumstance with http://XXX
