[Haskell-cafe] [Security] Put haskell.org on https

[Iustin Pop]

On Sun, Oct 28, 2012 at 01:38:46PM +0100, Petr P wrote:
>   Erik,
> 
> does cabal need to do any authenticated stuff? For downloading
> packages I think HTTP is perfectly fine. So we could have HTTP for
> cabal download only and HTTPS for everything else.

Kindly disagree here. Ensuring that packages are downloaded
safely/correctly without MITM attacks is also important. Even if as an
option.

regards,
iustin