Yesterday I installed the CA cert on my iPhone via mitm[dot]it in order to do some reverse engineering and with all the exploits we’re seeing these days, I wondered if this CA cert could be abused by a malicious MITM. Just to be on the safe side, I removed the certificate. It’s no big deal because it’s so easy to reinstall.
Am I being paranoid or should there be a warning about this in the docs and on mitm[dot]it?
I created a pull request: https://github.com/mitmproxy/mitmproxy/pull/2646 I’ll close it if this is being overly cautious.