And perhaps others.
Nebula ( https://watchnebula.com/ ) is run by Curiosity Stream ( https://curiositystream.com/ ), a documentary-focused streaming service. Nebula itself is a push by science communicator YouTubers to move away from the adpocalyptic YouTube.
I've not actually checked out either myself as yet.
It's the encoding that's the issue. Sure, Windows has code pages and supports the character sets of all sorts of languages, but not all at once (until Windows 10 version 1903 which introduced this Unicode codepage to have it "all in one"). The specific issue I ran into was that the windows dialogue that python's tkinter invokes returns a utf-8 encoded string, but the program in that instance was running with cp1252 (UK encoding) and there's no working conversion for that character into cp1252. FTR I was testing with one of the 'heart' codepoints, as it's what I had handy for testing the code. With 1903 and later you can just use the Unicode codepage and it all Just Works[tm].
Windows has had 'wide character' UTF-16 support for a long time if underlying code uses the correct API calls for handling strings, but that doesn't support the complete range of code points that UTF-8 can support. Basically at some point someone at Microsoft chose to go with UTF-16 rather than UTF-8 and that turned out to be a bad call.
The relevant date would be when the version before 1903 was out of support.
But at least we're moving back to the main point I was trying to make, with the UTF-8 issue being an example. It doesn't matter if Windows 7 use drops to literally zero, we'll still have people on now unsupported releases of Windows 10. Some of them object to it being more difficult to disable telemetry in later versions. Others might have been scared off by the numerous issues various releases have had. But in the end it just means they're users with unpatched Windows 10 running against known security issues, and have a high probability of their machine becoming part of a bot net at some point.
Not all 'Windows 10' installations are equal.
This is specifically with regard to Python and TKinter. If you try to use their folder selection dialogue with a UTF-8 character in the returned folder name whilst using a codepage other than the Unicode one (65001) an exception is thrown due to (in my personal test case) cp1252 not matching up. If you try to select a UTF-8 encoding with the locale functions prior to Windows 10 1903 the program will fall over flat (no python exception with a py2exe produced executable).
With Windows 1903 or later you can set an application manifest option to use the Unicode codepage and have a UTF-8 encoding already active at program start. Then everything just works.
I help maintain some OSS software and we're unable to properly, universally, switch to UTF-8 because of users insisting they stay on older versions of Windows 10 (pre-1903, which added the Unicode codepage support). I'm sure there are going to be other features/upgrades/fixes where users lingering on older versions are going to be a pain.
So, I do wonder about a breakdown of which Windows 10 releases/builds are in use. In 10 years time are we going to be rid of anything but Windows 10 for Windows OS versions, but still stuck with people using 5+ year old releases of it ?
Again, I ask, why does my marketing site need a cert at all?
Because you never know when that site might be expanded, or get referenced on another. Make encryption the norm and you won't even need to think about it.
What value is there in a one year vs three year?
The whole reason for this
We have real work to do. This is bullshit and a waste of time for most sites.
The true waste of time is not automating your certificate renewal, with alerts in place if it fails (not only the actual obtaining of the new cert but also putting it in place so it is actually used by the live service).
Automate all of this and you then have less to worry about, and thus more time for 'real work'.
I automated the entire process of renewing LetsEncrypt (free to anyone! Wildcards if you use the DNS authentication!) certificates. Now all I have to do is cast a quick eye over the weekly emails to be sure it went well. It does 99% of the time (exceptions being when a user didn't tell me they were letting a certificate expire so it needs taking out of that particular certificate, or the entire certificate removing from the scripting).
I don't have too much of an issue with JSON. Its biggest problem, unless you use some extension, is you can't have in-line comments (which also means not being able to disable a block by commenting it).
But then last I heard YAML still has the issue of no block start/end markers meaning if a file gets cut off part way through it likely won't throw any errors (unless you're validating the content in a way that requires things that are now missing). If only they'd gone C-style instead of python "indentation is significant"....
"And remember: Evil will always prevail, because Good is dumb." -- Spaceballs