alt Hacker NewsThat's literally how client certificates work.
It's not attempting to "read" anything, nor is it the least bit suspicious or malicious.
Your browser was asked if it would like to present a certificate to authenticate, and you were prompted to choose one if you please. You can also hit cancel as client auth can be optional and the server will either serve you the page or a 401/403.
It's like being asked to show ID to enter a pub, you can either show one or decline, and they may or may not let you enter based on that transaction.
It's a little suspicious. Why are they doing something that no other website in the world does? I was curious about zero-whatever but not enough to do whatever this is.