On Tue, May 08, 2018 at 10:24:21AM -0700, Russ Allbery wrote:
> Could you say more? www.gnu.org redirects to https for me, so it seems
> like one can use https when referencing www.gnu.org URLs. (I would be
> surprised if that weren't the case given the goals of the FSF.)
I also got the same query via IRC, so apparently this really needed some
more words...
homepage-field-uses-insecure-uri AFAIK is based on a whitelist of known
sites that support TLS, currently it doesn't know about gnu.org (or, at
least, it didn't warn on a package I had in my hands this morning).
--
regards,
Mattia Rizzolo
GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`.
more about me: https://mapreri.org : :' :
Launchpad user: https://launchpad.net/~mapreri `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia `-
Attachment:
signature.asc
Description: PGP signature