Daniel Beck how is this relevant, is this ticket a fundraiser? Is this how Jenkins Jira works now? Make it obvious then and... convenient, replace "vote" button with "donate"
Just to clarify my comment above to alleviate this controversy, previous comments from
Jenkins representatives made it clear that this ticket is not considered as rapidly growing priority (or so I read it), rather a small "inconvenience". So before even getting to fundraising if that's so necessary I want to raise awareness and make sure it's crystal clear to everyone as to where the market goes. With the recent major data leaks and increasing compliance requirements and regulations - so basic things as mandatory HTTPS not just becoming more and more common but also pops up as a hard requirement. The sooner we all realize what is that new world we all live in - the better. That said, HTTPS-enabled mirror list does not sounds like a rocket science. As an example a similar technology has already been in use for years by centos community - their yum network. Once we all accept that this request is absolutely necessary to address - the next step would be to define how exactly is to move forward with it. Is this an improvement to the existing mirror network, a voluntary or mandatory SSL certificate to join mirror network, or a whole new CDN platform? Is it even known by now how many mirror network members already have certificates and it's just a matter of config change for them? Then and only then it'll get to fundraising - when it's clear what needs to be done and how much does it cost. With such a great and huge community I'm sure it's not gonna be a problem, and I know there's certain vendors just can't wait to become partners - I already saw one offer above. This is not a new concept in the world, pretty much any open source project got to find means to host some content, pypi/gem/npmjs/yum/maven just to name a few. Nothing unsolvable here.
And once again I just want to emphasize on what it means not doing this request - for growing number of businesses it becomes a road block to even start/keep using Jenkins and look for alternatives. Entry toll to the Jenkins world becomes a little to high in terms of effort - to setup an internal mirror for a PoC project would be just a little too much. I would imagine vendors who earn money providing Jenkins Enterprise support (hi CloudBees) must be the most interested parties to keep this toll as low as possible.