Code review comment for ~pappacena/launchpad:https-mirrors

I'll answer the questions briefly without (yet) doing a code review:

 * Mirrors using invalid certificates should be treated as being broken, ideally with a clear error message in the prober log saying as much. releases.ubuntu.com and nl.archive.ubuntu.com don't yet officially advertise HTTPS; you only get an HTTPS response from them by coincidence (i.e. they happen to share an IP address with something that actually does HTTPS). This is one of the things mirror admins would have to fix in order to support HTTPS properly.

 * I think we need to support http_proxy, because IIRC some of the relevant deployments are in environments where that's how they talk to the outside world. But this shouldn't be a problem; we already use that for HTTPS in other places (e.g. lp.bugs.externalbugtracker.github, via lp.services.timeout). It may require refactoring the prober to use twisted.web.client or something built on top of it like treq; see for instance twisted.web.client.ProxyAgent, which knows how to do HTTPS proxying via CONNECT.