Compromising the client Personal computer, for instance by setting up a malicious root certificate in the system or browser believe in retail store. SSL/TLS is particularly suited for HTTP, because it can offer some safety even when just one facet from the interaction is authenticated. This is actually the circumstance http://XXX
