The changes made were enabling HTTPS for the main Ubuntu Archive
(archive.ubuntu.com, us.archive.ubuntu.com, {gb,uk}.archive.ubuntu.com),
Ubuntu Ports (ports.ubuntu.com, {gb,uk}.ports.ubuntu.com), and Security
updates (security.ubuntu.com). These are operated by Canonical.We still have some community operated mirrors which we have chosen as ccTLD mirrors (e.g. au.archive.ubuntu.com) and these may not yet be available over HTTPS. The default is still HTTP and switching the default to HTTPS is something to be decided by the various Ubuntu teams. I don't think that this is what was originally reported. As many have stated in the past, in particular Robie's in #5 and Dimitri's in LP:1186793[1], the default of HTTP shouldn't be considered insecure. I'm not going to comment further on this though as it's not going to stop :) FWIW, we're (Canonical IS) using older Juju charms to manage and provision the main Ubuntu mirrors operated by Canonical. You can see the changes and file bugs for improvements there[2]. [1]: https://bugs.launchpad.net/ubuntu/+bug/1186793/comments/8 [2]: https://launchpad.net/ubuntu-mirror-charm -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1464064 Title: Ubuntu apt repos are not available via HTTPS To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+bug/1464064/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
