HTTPS on freebsd.org, git, reproducible builds

[grarpamp]

Is there some reason "freebsd.org" and all it's
subdomains don't immediately 302 over to
https foreverafter?

Same goes for use of svn, which has no native
signable hashed commit graph, as freebsd's
canonical repo... instead of git which does.

Not to mention the irreproducible builds / pkgs / ISO's.

These days these flaws are more than a bit ridiculous,
especially for an OS, which by definition [excepting
the hardware] should be your root of trust.

Can we get a wiki project page and some traction on this?
Thanks.