Actually it would be good if the webmaster behind this reboot got SSL set up. Especially if this is going to be the new most authoritative download source.
That would be prudent regardless. If you trust HTTPS, why verify the PGP signatures? And if you don't, verifying the PGP signatures does not get you anything if you have no reason to trust the key.