Yes. It's about CIA: confidentiality, integrity and authenticity.

People most of the times only think about C

tech

Superlinear Returns

> SSL (well, TLS now) serves three purposes.
> 1. Ensuring you are getting the information the website author intends for you to get. i.e. data can’t be manipulated in transit.
> 2. Ensuring the information you are getting is in fact coming from the domain you are requesting it from.
> 3. Preventing others between you and the website from seeing the information sent back and forth.
> 
> I think you questioned the need for TLS here assuming 3 was the only purpose of TLS?

I found this comment on the linked HN thread insightful and probably very useful for a lot of folks. Sensitive data isn’t the only argument for TLS 