lists.typo3.org uses insecure HTTP form transmission
From a report that has been sent to the security team:
I just registered for typo3-announce again with another e-mail-address and my browser was showing me security risks twice.
Even though lists.typo3.org has a certificate for https, the forms for registration and confirmation send the requests to http://lists.typo3.org/cgi-bin/mailman/confirm/typo3-announce (not using https).
Maybe this forms where forgotten since once registered they won't be needed ever again.
And indeed https://lists.typo3.org/cgi-bin/mailman/confirm/typo3-announce is using
<FORM action="http://lists.typo3.org/cgi-bin/mailman/confirm/typo3-announce" method="POST" >