From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on dcvr.yhbt.net X-Spam-Level: * X-Spam-ASN: AS7684 133.242.0.0/16 X-Spam-Status: No, score=1.5 required=3.0 tests=BAYES_60,RCVD_IN_DNSWL_BLOCKED, RP_MATCHES_RCVD,SPF_PASS,URIBL_BLOCKED shortcircuit=no autolearn=no version=3.3.2 X-Original-To: unicorn-public@bogomips.org Received: from boston.sorah.jp (boston.sorah.jp [133.242.190.93]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by dcvr.yhbt.net (Postfix) with ESMTPS id 4BFA51FA55 for ; Tue, 15 Mar 2016 07:37:05 +0000 (UTC) Received: from mail-ig0-f180.google.com (mail-ig0-f180.google.com [209.85.213.180]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by boston.sorah.jp (Postfix) with ESMTPSA id 6107C16375D for ; Tue, 15 Mar 2016 16:37:03 +0900 (JST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=sorah.jp; s=boston; t=1458027423; bh=qZNACZrkqNZ0EUSSlQ5SQ/shWDNLfDW9OOc2LHSusTs=; h=From:Date:Subject:To; b=GBQtq+wt4tLa9CtkG72qzMQlk8F8mP/VT9KrUtZ5Czgx8jbVGmDndDlouOB3Z679F p0nSphywB6JqXSgQ07yhtLpB0w/o0tPgL0hCmjdPBn4RISFAzlQl0u+URbTydHP0tZ /+NEZ6ZknZKW0eg2r9a43bbDZvCwfwwE2VVZ56/o= Received: by mail-ig0-f180.google.com with SMTP id ig19so9223915igb.1 for ; Tue, 15 Mar 2016 00:37:03 -0700 (PDT) X-Gm-Message-State: AD7BkJK40R7F9ej5XiYWHr82vB87+c3ZwOwDtnSWGwa7AMRWR7OADcQfVASeWXLCAI3sNiSp/969ex6xzNEIaw== X-Received: by 10.50.70.39 with SMTP id j7mr21939884igu.40.1458027421002; Tue, 15 Mar 2016 00:37:01 -0700 (PDT) MIME-Version: 1.0 Received: by 10.107.27.1 with HTTP; Tue, 15 Mar 2016 00:36:41 -0700 (PDT) From: "Shota Fukumori (sora_h)" Date: Tue, 15 Mar 2016 16:36:41 +0900 X-Gmail-Original-Message-ID: Message-ID: Subject: https://unicorn.bogomips.org accepts client certificate? To: unicorn-public@bogomips.org Content-Type: text/plain; charset=UTF-8 List-Id: Hi, I found that https://unicorn.bogomips.org/ accepts client certificate. My browser prompts what certificate to use for a connection, even https://unicorn.bogomips.org/ doesn't require a client certificate. I and my colleagues are surprised about browser asking it. I guess this is unexpected behavior, is it expected?