I'm working on an App that streams a number of remote live videos. These live videos vary in URLs and most of them use HTTP not HTTPS.
It's true you should refer to Apple. This answer is not great in terms of guidance to developers.
That being said, this is Apple's latest stance on the matter: