Secure boot is designed to verify software signatures. The UEFI bios might support loading software over https, but it isn't part of secure boot. Secure boot would verify any kernels/etc loaded from https.
reply> Secure boot is designed to verify software signatures
replyaka integrity.
HTTPS is a useless gesture here, adding complexity to critical software that needs to be as simple and auditable as possible.
That was the point as I read it. Payload signature verification is a good and sometimes desirable alternative to transport encryption when the payload itself isn't secret.
replyHighly-cacheable resources like game and OS updates are often intentionally delivered over http as signed payloads to facilitate middlebox caching.