> In short, it's because downloads are hosted on a mirror network, where > we cannot mandate that every mirror node run SSL/TLS. Well, I suppose we > *could*, but traditionally we have not done so, as the additional > requirement is likely to reduce the number of willing participants in > that mirror network. Somehow Fedora made it work, would be nice to have it as well for CentOS Stream. I know now maybe someone comes out and points me to the differences between how Fedora manages their mirror network and how it works for CentOS. BUT it's 2021 and browsers are starting to make https mandatory! ~pete