On Wed, Aug 23, 2017 at 09:20:39PM -0700, Russ Allbery wrote: > --- a/policy/ch-controlfields.rst > +++ b/policy/ch-controlfields.rst > @@ -962,6 +962,10 @@ repository where the Debian source package is developed. > > More than one different VCS may be specified for the same package. > > +For both fields, any URLs given should use a scheme that provides > +confidentiality (``https``, for example, rather than ``http`` or ``git``) > +if the VCS repository supports it. > + seconded, though I wouldnt mind a rewording to "…a scheme with better confidentiallity…" ot some such. but then, the important bit is that we recommend https here… -- cheers, Holger
Attachment:
signature.asc
Description: Digital signature