

No HTTPS on Ubuntu.com. Acceptable in 2015? - erikb
http://www.ubuntu.com/

======
noondip
Here's where I would download Ubuntu ISOs from,
[http://releases.ubuntu.com/](http://releases.ubuntu.com/) and these are the
instructions I would use for verifying them,
[https://help.ubuntu.com/community/VerifyIsoHowto](https://help.ubuntu.com/community/VerifyIsoHowto)

~~~
erikb
Edit: Accepted, but does that mean you don't need https for your website?

Old text: "The hashes are also not under https domains. How do you know where
they come from?"

~~~
noondip
The hashes files are cryptographically signed with GPG. Using the web of
trust, you can be sure the files were created by the developers.

------
erikb
Maybe I've missed something, but I can't get it to use HTTPS.

