I was talking with Logical about this over IRC. Also having done some mitm in my time I was thinking about the realistic application of pulling this off. Firstly it would be highly impressive to do it without stealing the session from the target.
But my thoughts on this are:
You would have to monitor traffic and specifically strip snippets of just chat messages. I also think it would require deciphering the private key because I would think it would require the injected message to be rerun through ssl. Although already having a spoofed certificate might allow a work around for that. Without stealing the session I think a combination of ettercap forced replacement would also be needed, like when you replace all the images on the targets browser. But instead it would have to be in form of the message...
Sounds tricky, entirely possible, and complicated. I'm going to try it!