Hi,

On 03/03/18 10:12, Stephen Connolly wrote:
On Sat 3 Mar 2018 at 09:02, Karl Heinz Marbaise <khmarba...@gmx.de> wrote:

Hi,

I just realized that our download link from the download page[1] points to:

http://artfiles.org/apache.org/maven/

Is that intentional ?


Depends on geolocation... my link is

http://mirrors.whoishostingthis.com/apache/maven/maven-3/3.5.2/binaries/apache-maven-3.5.2-bin.tar.gz


Yeah that's what I expected but should all mirrors using https instead of http?

Apart from that where can given an hint about the "wrong" url via http instead of https ?

Just a INFRA ticket ?

Kind regards
Karl Heinz Marbaise



Good idea? on http instead of https ?


We should probably include the sha256 on the actual download page then...
as that page is served over https if asked for.

We cannot force the mirrors to serve over https iiuc



Why not using:

https://www.apache.org/dist/maven/


Maybe I missed somthing ?


Kind regards
Karl Heinz Marbaise


[1]: http://maven.apache.org/download.cgi

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
For additional commands, e-mail: dev-h...@maven.apache.org

Reply via email to