I hardly ever see people talk about this use case and how to solve it with https everywhere. AND it's super widely used: e.g. debian repositories.
deb https://deb.debian.org/debian stable main
And because HTTPS is nothing more than baseline security, it's possible to automate it with things like Let's Encrypt and not add any more checking beyond current control of DNS or HTTP traffic to the domain.
(Another confusion along these lines is assuming HTTPS is useful as an assertion that a site isn't malware. It asserts no such thing, only that the site is who it claims to be and network attackers are not present. If I am the person who registered paypal-online-secure-totes-legit.com, I should be able to get a cert for it, because HTTPS attests to nothing else.)
Don't get me wrong GPG signatures with pinned public key is a lot better than trust TLS of a random mirror.
But isn't it nice to have two layers, the two key systems are independent and orthogonal that seems like a solid win.
Need I remind of Heartbleed (openssl) or the very debian specific gpg key derivation bug years ago.
There will always be bugs, we can only hope they aren't exposed concurrently :)
Majority of HTTPS traffic is sniffable and largely non-confidential, unless you pad every file and web-request to several gigabytes in size.
Does your website use gzip? Good, now padding won't help you either, — unless it is way bigger than original content. Oh, and make sure, that you defend against timing attacks as well! Passive sniffers totally won't identify specific webpage based on it's generation time, will they?!
As for authenticity… Surely, you are going to use certificate pinning (which is already removed from Google Chrome for political reasons). And personally sue certificate issuer, when Certificate Transparency logs reveal, that one of Let's Encrypt employees sold a bunch of private keys to third parties. Of course, that won't protect authenticity, but at least, you will avenge it, right?
SSL-protected HTTP is just barely ahead of unencrypted HTTP in terms of transport-level security. But it is being sold as golden bullet, and people like you are the ones to blame.
I bet the SNI issues will eventually be fixed too.
And yes, with momentum behind certificate transparency, it could definitely hold CAs to the fire :)
TLS is no silver bullet, but it's a good base layer to always add.
Consider you're a cloud provider running customer images. If everyone downloaded the same package via https over and over again, the incurred network utilization would be massive (to both you and the debian repository in general) compared to if everyone used http and verified via GPG, all from your transparent squid cache you setup on the local network.
It would probably be better to use a distributed system design for this.. BitTorrent or who knows ipfs maybe..
If you're doing this, then you've made your own HTTP client so you can do whatever you want.
"HTTPS Everywhere" is a web browser thing.
Because the rest of the content is not verified?????? That's the whole point of HTTPS????????
The whole point of having GPG is that you (as the distributor/debian repo/whatever) have already somehow distributed the public key to your clients (customers/debian installations/whatever). Having HTTPS is redundant as it is presumed that initial key distribution was done securely.