It's a little suspicious. Why are they doing something that no other website in the world does? I was curious about zero-whatever but not enough to do whatever this is.
It's a little suspicious. Why are they doing something that no other website in the world does? I was curious about zero-whatever but not enough to do whatever this is.
> Why are they doing something that no other website in the world does?
Clearly other sites do since the user who shared the anecdote has certificates already configured in their browser? It's uncommon but pretty easy to understand how this happened.
Bear in mind, this is public/private key crypto so it's not like the site is asking for your facebook password or something. The site owner has no way to reuse a certificate to imitate the user.
Plenty of sites do this, you just don't interact with them. Corp and govt intranets love this stuff.
Right, I've interacted with them when I had to for work. I wouldn't post any of them on HN though.
Bruh it's one line in nginx config.
> that no other website in the world does
That you know of. Anywhere with stringent security it's everywhere.