Host-specific certificate data is not validated or is
					incorrectly validated, so while the certificate read is valid, it may not be for
					the site originally requested.If the host-specific data contained in a certificate is not checked, it
						may be possible for a redirection or spoofing attack to allow a malicious
						host with a valid certificate to provide data, impersonating a trusted host.
						While the attacker in question may have a valid certificate, it may simply
						be a valid certificate for a different site. In order to ensure data
						integrity, we must check that the certificate is valid and that it pertains
						to the site that we wish to access.