Compromising the client Laptop, such as by installing a malicious root certificate to the process or browser belief store. SSL/TLS is very suited for HTTP, since it can provide some safety regardless of whether just one side from the conversation is authenticated. This can be the scenario with HTTP transactions http://XXX
