Sarge-in-charge wrote:...This is so wrong on many levels.
No HTTP traffic should be sent on the clear. Period. That's just the way it is in the post-Snowden era.
Really? Show me the contents of your apt sources.list. NOTHING coming from the package archives is run through https because of the huge encryption overhead; security is managed by other means. ISOs downloaded from most sources are not encrypted for the same reason. And that video or audio
stream arriving at your browser is also generally not encrypted (even if you started it from an HTTPS secured web page).
HTTPS is NOT free. Every frakin' byte that arrives and departs has to be individually encrypted. While generally imposing little noticeable overhead on the client-side ("browser"), there is an added burden on the server side that can require server upgrades to meet volume demands.
BTW, when it comes to discussing computers, software, and protocols "never say never" is generally good policy. There are enough corner cases to prove most "never do this" scenarios wrong.