Issue
In an attempt to use TLS with external sites where possible, MW rewrites HTTP to HTTPS for all links to names rooted in those on a certain list maintained by Chromium.org.
This strategy fails in two respects:
- forcing TLS where it is not available, as with icecast.rte.ie
- not using TLS where it is available, as with www.gnu.org
Furthermore, what security it does provide is already matched exactly by many popular browsers.
Solution
I suggest each MW site generate its own list of hosts it has successfully contacted by HTTPS from those it links to. This would more accurately force TLS for those that support it, while not doing so for those that don't.
I also suggest including some wikitext to stop links from being rewritten.
Opinion
I believe that hobbling authors by refusing to respect what URL they specify flies in the face of Internet and Web standards and degrades any project engaged in such practices.