Use of TLS and X.509 certificate on blog.launchpad.net (news.launchpad.net)

Bug #488235 reported by Nico R.
Affects: Wordpress Launchpad Integration
Status: Invalid
Importance: Low
Assigned to: Unassigned

Bug Description

Whenever you access a Launchpad web page using HTTP instead of HTTPS, you are redirected to the corresponding HTTPS page, which is good, of course.

<URL:http://blog.launchpad.net/> does not show this behavior. I would expect it to redirect to <URL:https://blog.launchpad.net/>.

Furthermore, <URL:http://news.launchpad.net/> redirects to <URL:http://blog.launchpad.net/>.

If I use <URL:https://blog.launchpad.net/> or <URL:https://news.launchpad.net/> I get a security warning. These two sites share a self-signed(!), version 1(!) X.509 certificate with CN=news.launchpad.net(!).

What I would expect:
* When I go to <URL:http://blog.launchpad.net/>, I am redirected to <URL:https://blog.launchpad.net/>.
* When I go to <URL:https://news.launchpad.net/>, I am redirected to <URL:https://blog.launchpad.net/>.
* When I go to <URL:http://news.launchpad.net/>, I am redirected to <URL:https://news.launchpad.net/> (which redirects me once more, see above).
* Both sites, blog.launchpad.net and news.launchpad.net, use a version 3 X.509 certificate including their domain. This can either be a shared certificate with CN=blog.launchpad.net and SubjectAlternativeName=(DNSName: blog.launchpad.net, DNSName: news.launchpad.net) (like the one for launchpad.net/www.launchpad.net) or both sites could use a separate certificate for only their domain. Alternatively, the certificate for launchpad.net could be used after adding these two domains via a DNSName each in the SubjectAlternativeName extension. Perhaps they could also use the *.launchpad.net certificate which is currently used for help.launchpad.net.
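
The certificate properties named in the report (X.509 version, issuer equal to subject, and which DNS names are covered) can be checked mechanically. The following Python code is an added example, not part of the original report or of Launchpad's code; it audits dictionaries shaped like the output of `ssl.SSLSocket.getpeercert()`, and the three certificates, the `Example CA` issuer and the function names are constructed for illustration.

```python
# Added example: audit certificate dicts shaped like ssl.SSLSocket.getpeercert().

def _matches(pattern, host):
    """dNSName match: '*' may stand only for the whole leftmost label."""
    p, h = pattern.lower().split("."), host.lower().split(".")
    if len(p) != len(h):
        return False
    if p[0] == "*":
        return len(p) > 2 and p[1:] == h[1:]
    return p == h

def audit(cert, hosts):
    """Return a list of findings; an empty list means the cert fits all hosts."""
    findings = []
    if cert.get("version") != 3:
        findings.append("not X.509 v3, so it cannot carry SubjectAlternativeName")
    if cert.get("issuer") == cert.get("subject"):
        findings.append("issuer equals subject (typical of a self-signed cert)")
    names = [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    if not names:
        # Legacy CN fallback; many current clients require a dNSName instead.
        names = [v for rdn in cert.get("subject", ())
                 for k, v in rdn if k == "commonName"]
    for host in hosts:
        if not any(_matches(n, host) for n in names):
            findings.append("no name covers " + host)
    return findings

def _name(cn):
    return ((("commonName", cn),),)

# Constructed samples, not captured from the real servers.
CA = _name("Example CA")  # hypothetical issuer
REPORTED = {"version": 1, "subject": _name("news.launchpad.net"),
            "issuer": _name("news.launchpad.net")}
SHARED = {"version": 3, "subject": _name("blog.launchpad.net"), "issuer": CA,
          "subjectAltName": (("DNS", "blog.launchpad.net"),
                             ("DNS", "news.launchpad.net"))}
WILDCARD = {"version": 3, "subject": _name("*.launchpad.net"), "issuer": CA,
            "subjectAltName": (("DNS", "*.launchpad.net"),)}
HOSTS = ["blog.launchpad.net", "news.launchpad.net"]

if __name__ == "__main__":
    for label, cert in (("reported", REPORTED), ("shared SAN", SHARED),
                        ("wildcard", WILDCARD)):
        print(label, audit(cert, HOSTS) or "ok")
```

A wildcard name covers exactly one label, so the constructed `*.launchpad.net` sample passes for both blog and news but would not cover the bare `launchpad.net`.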

Nico R. (n-roeser)
visibility: private → public
Curtis Hovey (sinzui)
affects: launchpad → wordpress-launchpad-integration
Changed in wordpress-launchpad-integration:
importance: Undecided → Low
status: New → Confirmed
Stuart Metcalfe (stuartmetcalfe) wrote :

> What I would expect:
> * When I go to <URL:http://blog.launchpad.net/>, I am redirected to <URL:https://blog.launchpad.net/>.

If this is needed, it can be solved at the Apache level. The 'Launchpad Integration' mentioned in this project's title is for OpenID login only and is not related to management of the actual WordPress installation used for the Launchpad blog.

> * Both sites, blog.launchpad.net and news.launchpad.net, use a version 3 X.509 certificate...

This is also not relevant to the wordpress-launchpad-integration project. I'm marking this bug as "invalid" on this project and will leave it up to the Launchpad team to pick up anything they want to address on their WordPress installation.

Changed in wordpress-launchpad-integration:
status: Confirmed → Invalid
This report contains Public Security information  
Everyone can see this security related information.
