Compromising the client Computer system, such as by putting in a destructive root certification into the program or browser have confidence in retailer. SSL/TLS is especially suited to HTTP, because it can provide some defense whether or not only one side on the conversation is authenticated. This is the case http://XXX