Well, adding a note as I just faced the problem (in this case, admin of xapian repositories at www.xapian.org/repo/path reconfigured the system and started to redirect to xapian.org/repo/path, buuuuum).
a) The opinion that 'doing redirects is extremly risky' is simply false. In case mirror admin is hostile, he or she can directly provide hostile content or proxy it instead of redirecting. b) HTTP redirects are fairly standard and frequently used, and website admins tend to believe they can transparently use them. Debian official mirrors admins probably know about the problem, but people who are publishing small repositories for dedicated packages may need to use them or just does not know about the problem. c) There may be cases when HTTP redirects would reduce traffic, if the same file is reused in multiple distributions/architectures, redirecting (instead of server-side symlinking) would reuse cache on in-between proxies... -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
