Some time ago I've contributed a change to a certain package
repository's webserver setup that responds to http:// requests with a
301 redirect to the https:// version.  Should the same be done for GNU
ELPA?  Why/why not?

Some data points for the "why not" faction I've discovered after that
change:

- There's still Windows users who do not have an installation with the
  gnutls libraries, despite the strong suggestion to download it for the
  full experience.
- Emacs versions below 26.1 are affected by a HTTPS proxy bug [1] that
  makes life in corporate environments hard.
- The initializer of `package-archives` already generates the
  appropriate URL, so this will affect people who have redefined that
  variable and break their setup for no reason.