the idea behind http was that there wont be any limitations to get patches, updates or drivers. chrome has no problems (dont know for edge), but firefox in https-only mode refuses to load, you needed to set exlucions with clicking the on the padlock. the problem behind that settings is if when users let delete website settings in firefox this exclusion is gone. that far that stupid.
I still see no point for file downloads. If there is a checksum and the file is digitally signed there was never a need for this to use up more bandwidth.
and since ms was hacked these days digital signing is russian roulette (because the stolen data included some digital certificates from ms)
Which I have to assume have been revoked. Plus, SSL wouldn't fix that anyway. Plus also, SSL is validated with digital certificates so if any are a problem those could be as well. If we are going to suggest that someone hacked them, stole certs, repackaged updates, signed them and uploaded to Microsoft's server's then the servers themselves could be hijacked as well. It's all a big circle that doesn't change my mind.
MS Catalog has been using https for me on Firefox for a couple of years, ever since I installed Smart HTTPS, with no need to change the URL as the GHacks article recommends.
