Hi, I am concerned about the non-free firmware download here<http://cdimage.debian.org/cdimage/unofficial/non-free/firmware/jessie/current/>. The checksum files do not have corresponding gpg signature files. I see that you can access the URL over SSL/TLS by changing the scheme to https as in https://cdimage.debian.org/cdimage/unofficial/non-free/firmware/. I think the signature files should be added or the unsecure page should have checksums delivered using https like they are if you access the page using https<https://cdimage.debian.org/cdimage/unofficial/non-free/firmware/>.
Regards, Leon
