On 22 Aug 2014 04:45, "Benjamin Peterson" <benjamin@python.org> wrote:
> Perhaps some board members could comment, but I hope the PSF could just
> pay a few hundred a year for a proper certificate.

That's exactly what we're doing - MAL reminded me we reached the same conclusion last time this came up, we'll just track it better this time to make sure it doesn't slip through the cracks again.

(And yes, switching to forced HTTPS once this is addressed would also be a good idea - we'll add it to the list)