As of today I still am getting untrusted cert thought I would re-ping to see if there is an ETA.

On Thu, Aug 21, 2014 at 10:32 PM, Terry Reedy <tjreedy@udel.edu> wrote:
On 8/21/2014 7:25 PM, Nick Coghlan wrote:

On 22 Aug 2014 04:45, "Benjamin Peterson" <benjamin@python.org
<mailto:benjamin@python.org>> wrote:
 >
 > Perhaps some board members could comment, but I hope the PSF could just
 > pay a few hundred a year for a proper certificate.

That's exactly what we're doing - MAL reminded me we reached the same
conclusion last time this came up, we'll just track it better this time
to make sure it doesn't slip through the cracks again.

(And yes, switching to forced HTTPS once this is addressed would also be
a good idea - we'll add it to the list)

I just switched from a 'low variety' short password of the sort almost crackable with brute force (today, though not several years ago) to a higher variety longer password. People with admin privileges on the tracker might be reminded to recheck.  What was adequate 10 years ago is not so now.

--
Terry Jan Reedy