Comment 1 Emanuel Haupt 2017-08-27 06:58:54 UTC

The porters handbook doesn't state anything specifically about using HTTPS MASTER_SITES to this day but it has always been best practice to avoid them or at least have a HTTP site in there for people behind evil proxies. I share your sentiment that "encryption is good" but the integrity of the distfiles is guaranteed hhe SHA256 checksums in the distinfo file. If the HTTP sites would redirect to HTTPS this would justify replacing the HTTP sites but this is not the case. I suggest either leaving it as is or just adding the HTTPS sites without removing the HTTP ones. Feel free to commit either of the two options.

Comment 2 Emanuel Haupt 2017-09-17 13:13:40 UTC

I've added HTTPS alternatives.

Comment 3 commit-hook 2017-09-17 13:13:50 UTC

A commit references this bug:

Author: ehaupt
Date: Sun Sep 17 13:13:11 UTC 2017
New revision: 449999
URL: https://svnweb.freebsd.org/changeset/ports/449999

Log:
  - Remove unavailable MASTER_SITES
  - Add HTTPS alternatives by request [1], deliberately keep corresponding HTTP
    hosts for providing a variety of sources (not for integrity since this is
    guaranteed by the distinfo checksums)

  PR:		221725 [1]
  Submitted by:	xmj [1]

Changes:
  head/net/rsync/Makefile