Search:

Is this enabled by default?

And my main concern is public networks. It should be impossible for a MITM to intercept any APT transport (with SSL).

Would the ISP know what APT repo/if it is an APT repo if it was encrypted?
If so, a HTTPS proxy should be able to take care of that.

And what about my other point?

2. "...numerous research...

The bandwidth issue is the only reason I wouldn't do it, but there are still reasons why I would prefer it encrypted:

1. Privacy (needless to say that I don't want someone knowing I'm downloading...

In a world where your ISP and government are not out for your best interest, you cannot be careful enough.

Why are the default sources for Kali insecure? (http)
Why isn't apt-transport-https...