[This page] (http://octopusdeploy.com/downloads) offers downloads of the latest versions of Octopus Server, Octopus Tentacle and other binaries. The actual downloads are then served from the download.octopusdeploy.com domain.
However, these downloads are only accessible through HTTP, not HTTPS. Wouldn’t it be better to make them available through HTTPS (and preferably no HTTP at all)? Using HTTP, I can’t be sure that the binary I’m downloading is genuine, and actually coming from Octopus Deploy’s servers.