Hi, the debian mirrors team needs to be able to point the ftp.<CC>.debian.org aliases at different backends based on their status. As such, the only service that is guaranteed to be available at these names is HTTP. Offering HTTPS on these names means breakage whenever they are pointed at a different mirror. Accordingly, we have set CAA records (RFC 6844) on the <CC>.debian.org domains to disallow any certificate issuance, and we'd like to ask mirror operators who were offering HTTPS under these names to stop doing so. They are of course free to continue offering the service under a non-debian.org domain name. Thanks, Julien
Attachment:
signature.asc
Description: PGP signature