That's not quite true, you just need to add the `insecure-registries`[1] option with a list of either IP (or ip ranges) or hostnames that you want to allow without TLS.
```/etc/docker/daemon.json
{
"insecure-registries": ["10.100.0.0/24", "registry.yourmom.example.com:5000"]
}
[1] https://docs.docker.com/reference/cli/dockerd/#insecure-regi...
Yes this is true. I should caveat that we distributed the tool among a team and we didn't want to ask them to all edit their daemon.json with an ever-expanding list of IP addresses.