<div dir="ltr"><div> On Mon, Mar 10, 2014 at 1:35 PM, Daniel Kahn Gillmor <<a href="mailto:dkg@fifthhorseman.net" target="_blank">dkg@fifthhorseman.net</a>> wrote:<br>><br>> On 03/10/2014 12:51 PM, Alex Xu wrote:<br>
> > It's not on <a href="http://bbc.co.uk" target="_blank">bbc.co.uk</a> per se; it's on another site whose resources are<br>
> > requested by the main site. I *think* it's related to video content, but<br>> > not sure.<br>><br>> Is it still happening for you? the popup dialog i get in iceweasel 27<br>> (the firefox variant on debian) when i visit sites that require client<br>
> certs says:<br>><br>> This site has requested that you identify yourself with a certificate:<br>> <a href="http://foo.example.com:443" target="_blank">foo.example.com:443</a><br>> Organization: "Example Corp."<br>
> Issued under: "Global Root CA"<br>> Choose a certificate to present as identification:<br>><br>> What does yours say when you see this happening? that should help you<br>> to figure out what site is causing this.<br>
><br>> --dkg<br>><br>><br>> _______________________________________________<br>> HTTPS-Everywhere mailing list<br>> <a href="mailto:HTTPS-Everywhere@lists.eff.org" target="_blank">HTTPS-Everywhere@lists.eff.org</a><br>
> <a href="https://lists.eff.org/mailman/listinfo/https-everywhere" target="_blank">https://lists.eff.org/mailman/listinfo/https-everywhere</a><br><br>An example URL:<br><a href="http://www.bbc.co.uk/news/magazine-25816000" target="_blank">http://www.bbc.co.uk/news/magazine-25816000</a> which then redirects to <a href="http://www.bbc.com/news/magazine-25816000" target="_blank">http://www.bbc.com/news/magazine-25816000</a><br>
<br>See the attached screenshot (slightly edited for privacy reasons).<br><br>@Daniel, I'm not sure how to get the IP address of the server being used. Running host on those domains returns several IPs..any tips?<br>
<br></div>
One other important thing I just noticed. The BBC (partial) rule is enabled (by default), but BBC.com (false MCB) is not. Enabling that rule the gives me https <a href="http://bbc.com">bbc.com</a> urls, but Firefox warns me that the page is only partially encryped. The page still pops up the certificate dialog, however.<br>
<div><br>--<br>-Austin</div></div>