Until this is in place our sessions are vulnerable to hijacking, users are potential targets for man in the middle attacks, packet sniffing, and packet tampering.