This is not part of the SSL standard, but is highly recommended to prevent a man in the middle attack (MITM).

虽然这不是SSL标准的一部分，但是这个步骤却是高度建议的，它可以防止中间人攻击。

youdao

Now let's modify the message, as a hacker might using a "man in the middle" attack

现在让我们来修改消息，就像使用“中间人”攻击的黑客那样

youdao

Predefined client certificates guard against a sophisticated attacker performing a man-in-the-middle attack.

预定义的客户端证书防御执行中间人攻击的复杂攻击者。

youdao

Also, client-side JavaScript encryption has its limitations since it would still be susceptible to a server-side code poisoning attack executed either through a man-in-the-middle attack or the service provider acting maliciously or subject to jurisdictional court order.

FORBES: Cryptocat Increases Security In Move Away From JavaScript Web Delivery

"Many of the systems we have built for authentication and session maintenance assume no man-in-the-middle attack, " he said.

BBC: Google tackled on e-mail security

The danger would have been that they could then have staged a man-in-the middle attack.

BBC: Google detects fake website ID certificate threat