man in the middle, SSL

James Muir jamuir at
Fri Feb 2 16:15:42 EST 2007

I was reading a hacking blog today and came across this: 

> Odysseus is a proxy server, which acts as a man-in-the-middle during
> an HTTP session. A typical HTTP proxy will relay packets to and from
> a client browser and a web server. Odysseus will intercept an HTTP
> session’s data in either direction and give the user the ability to
> alter the data before transmission.
> For example, during a normal HTTP SSL connection a typical proxy will
> relay the session between the server and the client and allow the two
> end nodes to negotiate SSL. In contrast, when in intercept mode,
> Odysseus will pretend to be the server and negotiate two SSL
> sessions, one with the client browser and another with the web
> server.
> As data is transmitted between the two nodes, Odysseus decrypts the
> data and gives the user the ability to alter and/or log the data in
> clear text before transmission.
> You can find more and download Odysseus here:

It is my understanding that SSL is engineered to resist mitm attacks, so 
I am suspicious of these claims.  I wondered if someone more familiar 
with SSL/TLS could comment.

Isn't it the case that the application doing SSL on the client should 
detect what this proxy server is doing and display a warning to the user?


James Muir
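Added example, not part of the original message and not Odysseus's code: a Go program in which a loopback stand-in for the intercepting proxy presents a self-signed certificate for the host the client asked for, and three clients try to connect under different verification policies. It assumes the host name www.example.com and that loopback TCP is available; the client rejects the proxy's certificate unless that certificate has been installed in its trust store or verification has been switched off, which is exactly where the warning the question asks about does or does not appear.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"math/big"
	"time"
)

// proxyCert mints a self-signed certificate for host, as an intercepting proxy does.
func proxyCert(host string) (tls.Certificate, *x509.Certificate) {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), DNSNames: []string{host},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour)}
	der, _ := x509.CreateCertificate(rand.Reader, tmpl, tmpl, pub, priv)
	leaf, _ := x509.ParseCertificate(der)
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: priv}, leaf
}

// Interception: does the client finish the handshake with the proxy's cert untrusted, installed, or unchecked?
func Interception(host string) (untrusted, installed, unverified bool) {
	cert, leaf := proxyCert(host)
	ln, err := tls.Listen("tcp", "127.0.0.1:0", &tls.Config{Certificates: []tls.Certificate{cert}})
	if err != nil {
		panic(err) // no loopback listener available: nothing to demonstrate
	}
	defer ln.Close()
	go func() { // the proxy side: accept each connection and drive its handshake
		for s, err := ln.Accept(); err == nil; s, err = ln.Accept() {
			s.(*tls.Conn).Handshake()
			s.Close()
		}
	}()
	withProxy := x509.NewCertPool()
	withProxy.AddCert(leaf) // what "install the proxy's certificate" amounts to
	untrusted = dial(ln.Addr().String(), &tls.Config{ServerName: host, RootCAs: x509.NewCertPool()})
	installed = dial(ln.Addr().String(), &tls.Config{ServerName: host, RootCAs: withProxy})
	unverified = dial(ln.Addr().String(), &tls.Config{ServerName: host, InsecureSkipVerify: true})
	return
}

func dial(addr string, cfg *tls.Config) bool {
	c, err := tls.Dial("tcp", addr, cfg) // tls.Dial runs the handshake before returning
	if err == nil {
		c.Close()
	}
	return err == nil
}
```

Only the first client, verifying against a trust store that lacks the proxy's certificate, refuses the connection; that refusal is the warning a browser shows, and it disappears as soon as the proxy's certificate is trusted or verification is disabled.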

The Cryptography Mailing List