Decrypting TLS Browser Traffic With Wireshark – The Easy Way! (x-post from /r/netsec/)

Thanks for clearing that up, and I fully agree with everything you've said, but considering that my comments went into the negative, everyone else has misunderstood me; otherwise it would be clear that I had made a misjudgment after someone misused the term "attack", apparently referring directly to the topic in a non-literal sense. I could have been set straight much earlier by the other commenter. I wasn't trying to berate him about his gaffe, I just thought he might appreciate that there was this test case scenario he might not have considered. Initially, I was clear that you were honorably proxy testing packet decryption, but later my perception became confounded by this complication.

The topic at hand would have been clearer if they had used the more general terms "decryption" and "proxy", rather than "attack" or "MITM". The implementation is identical and the terms are frequently used to demonstrate the process, but the meaning of the terms differs per use case and intent. ITT there appear to be three varying usages of the term "attack" in regard to legitimate packet decryption for the purpose of testing:

  1. properly used when describing an attack with malicious intent, whether live or simulated for testing

  2. properly used when referring to MITM attack methodology to exemplify the process for implementation

  3. improperly used when directly referring to the testing proxy itself

It's possible that we all understand we're talking about an HTTP proxy in a specific implementation where no external configuration is required before allowing decryption of packets, by behaving as a client/server reflector, transparently obtaining/serving/replacing all keys/certs necessary. Correct me if I am wrong, but it seemed at least two commenters failed to acknowledge that there is a legitimate test case for using an identical implementation for the purpose of packet analysis, or otherwise failed to acknowledge that it would be misleading to use the same term to describe both scenarios. This misuse of the term resulted in faulty ambiguity that I failed to notice in some comments lacking context. Given little context from a couple of your repliers, they appeared to be talking about attacks specifically, while it's possible they were considering penetration testing or SSL decryption with web proxies in general. This apparently gave the false impression that I had disputed the semantics of the term "attack", although I did not dispute semantics until now, seeing as I thought "attack" had been meant literally. To clarify, discussing attacks is perfectly acceptable and I would be disappointed if they weren't discussed. Just in case there are any further misconceptions, and to state the extremely obvious, it will also be unnecessary to deploy any actual attacks by transparent men hiding in the middle, but that's another use case altogether.

tl;dr: sorry for the long explanation, but it's demanded of me by the censors that go around constantly downvoting shit that rather deserves a proper fucking explanation, you bitchasses.

/r/sysadmin Thread Link - jimshaver.net