www.cpan.org only forces TLS on modern browsers and the “user visible” pages. The index and distributions are TLS optional.
-- http://askask.com/ > On Apr 24, 2018, at 11:52, David Golden <x...@xdg.me> wrote: > > A colleague wrote this article about Python, which also uses Fastly: > https://pyfound.blogspot.com/2017/01/time-to-upgrade-your-python-tls-v12.html > > I realize that a lot of clients may not even use TLS for CPAN downloads, but > for those that do, will they be in for a surprise when our cpan.org and > metacpan.org Fastly-backed CPAN mirrors stop serving insecure TLS traffic? > > David > > -- > David Golden <x...@xdg.me> Twitter/IRC/GitHub: @xdg