Follow-up Comment #2, sr #109093 (project administration): I agree, supporting HTTPS on the repo is critically important. This lack makes it easy for someone to launch a MITM attack on the code supported by Savannah.
Note that the Linux Foundation's "best practices" badge makes HTTPS a minimum requirement: <https://github.com/linuxfoundation/cii-best-practices-badge/blob/master/doc/criteria.md#sites_https>. What's the blocker? Is there anything that can be done to help? Savannah already has the needed TLS certs, so I imagine that all that's needed is a minor configuration change. _______________________________________________________ Reply to this item at: <http://savannah.gnu.org/support/?109093> _______________________________________________ Message sent via/by Savannah http://savannah.gnu.org/
