Re: No middle road to stop the man in the middle
With a clear text protocol it's then trivial to alter the digest in flight.
To make this work, you need to establish a cryptographic chain of trust to ensure that the server you think is sending you data actually is.
Establishing that trust is the key, and is what ssl certs are used for. You delegate trust to a central authority that acts as a mediator. That they are also used to establish a fully encrypted transport is a separate thing to my mind.
All the financial and operational costs will still be there. The minimal runtime overhead of always on encryption on't be, but it's really small.