Maybe I am missing something in the aspect security in regards to verifying the download. The site (releases.ubuntu.com) where you download the signature file and the hash file needed for verification does not appear to use any type of encryption. Doesn't this subject the site to a Man in the Middle Attack? Can someone explain this to me so I have an understanding or am I wrong here to suggest the site is not secure? Thank-you for your understanding of my ignorance.
Bookmarks