= problem =

There has been a recent leak of data across http where https should have been implemented.

= analysis =

Fedora infrastructure has implemented https correctly, seemingly everywhere. The DNSSEC with TLSA record is a nice touch. But now it's time to disable http wherever possible to prevent potential MITM attacks.

= enhancement recommendation =

It is recommended to disable http wherever https has been properly setup.

(There may be reasons not to do this. I'd love to have that conversation.)