Webpage should use HSTS
Given the push for HTTPS everywhere I think a project developing a TLS library should follow. Right now www.gnutls.org does not redirect HTTP requests to HTTPS and there's no HSTS header sent.
Edited by Nikos Mavrogiannopoulos