1. MITM with fake CA, may lead the user to install/ignore a fake CA file by phishing or social engineering 2. The host name leaked by SNI header in plain text