They write the following reason in the article:
But as the web and other internet technologies mature, certificates are starting to be a requirement in order to unleash functionalities, especially in web browsers, such as the faster connection protocol HTTP/2 and payment processing.
This seems really sad. But I guess it depends what the goal is. If you want to integrate onion purely on a DNS resolver and network interface level and then use a stock browser for accessing the services, yes, you'd need that.
(Then you'll also have to fight with the stock browser for using your special DNS resolver, not leaking info to Google, Cloudflare or whoever else, etc etc, tho)
But don't most people use custom browsers with built-in support for onion anyway? If that's the case, the easiest solution would seem to just declare .onion a "secure origin" like localhost and patch the browser accordingly.
> But don't most people use custom browsers with built-in support for onion anyway? If that's the case, the easiest solution would seem to just declare .onion a "secure origin" like localhost and patch the browser accordingly.
Indeed, the use of the onion TLD has been standardised in RFC 7686 [1], so browsers should really treat it as secure and stop the usual plaintext HTTP shenanings.
The article has a long list of reasons for certificates. Here's another reason:
>4. It also opens up new opportunities such as payment processing, "as current PCI DSS requirements do not allow non-standard TLS"2 and may only work with certificates having some sort of validation3. Payments card networks require HTTPS for a payment to be taken. So if someone wants to do that over an onion site they would need a TLS certificate.
As for point 1) I fully agree. I'm using it a lot currently due to lack of alternatives, mainly with java. Swagger codegen is the one I've had most success with, but both openapi and swagger codegen shares the same problems.
For internal projects we use grpc which is a breeze to use in comparison.
I'm always confused by this type of perspective. It's like asking "how is it possible to lie" or "how is it possible to say xyz"
What laws of physics prevent people from reneging on financial agreements? It happens a million times a day. It's one of the most believable human interactions. What part of it doesn't feel possible to you?
"The response was swift, and it came from starred chef Antonello Colonna. The Roman cook rejected Parisi's solution, claiming that with this procedure the pasta becomes "rubbery", and impossible to serve in a high-level restaurant. Colonna considers the method a failure and proposes cooking on an open-fire grill, with pots that have fed entire generations like a cauldron. The chef claims this traditional low-temperature technique lowers electricity costs in his restaurant."
Burning wood or charcoal lowers the electricity bill? Who would have thought!
Also, what is “low-temperature technique” supposed to mean? The open fire needs to maintain the water at 100C regardless. If low-temperature means lower water temp, then its the same as the passive method..
I mean you can try and decide for yourself how much you like it.
Boiling water can't get hotter than 100C anyway, and water needs lots of energy to both heat and cool. If you cover it and turn off the heat the water inside realistically won't get much colder in ten minutes.
I always used the half technique: if it says 12 minutes I boil it for 6 and then turn off the stove. Never ever got it wrong.
Anyway I highly doubt the biggest pasta brand in the world would ever publicize a method that makes their product any less good.
It also makes sense for Germany to have at least two, since North and South are very different in terms of production and consumption but have limited interconnect. Any fix for that is endlessly blocked by NIMBYs who don't feel the cost of their decisions.
Haha I noticed that also shortly after I made this graphic. I've used it in a few talks and posts now and always worried someone would notice. Good eye.
