Comment 36 for bug 1464064

>I cannot believe that Canonical has not decided to use https for all their apt repositories.

I easily can. Here are some facts:

1. Canonical is a UK-based company. Mark Shuttleworth is a British citizen.
2. UK politics is as usual has anti-crypto direction and in fact UK is a very oppressive regime. Some very nasty acts (https://en.wikipedia.org/wiki/Key_disclosure_law#United_Kingdom , https://en.wikipedia.org/wiki/RIPA_2000, https://en.wikipedia.org/wiki/IPA_2016 ) have been passed in UK like the ones mandating disclosure of crypto keys and providing the info in a decrypted form and legalizing the practice of cyberattacks and malware by UK govt agencies.
3. UK is a member of 5 Eyes and GCHQ had been doing internet surveillance.
4. Some persons who have harmed UK interests have died in very strange circumstancies.

The conclusion is simple: it is very unlikely that Mark Shuttleworth will harm UK interests (that would be a de-facto (but not necessarily de-jure, Kozma Prutkov's well-known aphorism postulates "At the sight of working ammunition how miserable are all the constitutions!") high treason) by introducing mitigations that can decrease UK agencies capabilities of committing the things that under legislation of other states (and UK itself, when they are committed not by its agencies) are felonies.