1. What would you like to have changed?

Right now, Caddy's MITM detection logic is its own. It can be difficult to maintain in the long run and it is hard to be comprehensive with regards to everything that there is to detect.

Cloudflare just released an open source MITM detector based on the same paper that Caddy's MITM logic is derived from. Rather than duplicate the (complex) logic, we can adopt it.

2. Why is this feature a useful, necessary, and/or important addition to this project?

It prevents code duplication and reduces maintenance burden. Cloudflare's logic is more comprehensive than Caddy's current PoC.

3. What alternatives are there, or what are you doing in the meantime to work around the lack of this feature?

n/a

4. Please link to any relevant issues, pull requests, or other discussions.

• Blog post: https://blog.cloudflare.com/monsters-in-the-middleboxes/
• Dashboard: https://malcolm.cloudflare.com/
• Repo: https://github.com/cloudflare/mitmengine
• Godoc: https://godoc.org/github.com/cloudflare/mitmengine