Sorry I meant distracting not confusing. It is whistling past the graveyard to use trust-all-certs and have any confidence wrt mitm. Rather than artificially suggest there is a scenario where this is valid just say.
Prior to jclouds 1.8.2 using trust-all-certs also implies a potential of SSLv3 use(link to jira with workaround). Regardless, don't use trust-all-certs if you are concerned with MITM attacks. The above is far less embarassing for the project.
