> have https but that was more of a vanity from what I remember
It has a functional difference as well, lots of new client-side features (like webcrypto) only work on "Secure Origins" which .onion isn't, but websites behind TLS are. So if you wanna deploy say something that encrypts/decrypts something client-side on .onion, you unfortunately need TLS today otherwise the APIs aren't available.
Of course browsers could fix this, but I don't think they have any incentives to do so. I guess Tor Browser could in fact fix this, and maybe they already do, but it'd be a patch on top of Firefox I think, something they probably want to do less off, not more.
My understanding is Tor Browser already treats .onion as a secure origin, could anyone confirm?
That only helps so much, some things still won't work if the browser thinks you're talking over an unencrypted connection, like HTTP/2. Technically HTTP/2 allows unencrypted connections (h2c) but as far as I know, no browser implements it (including Tor Browser) and server support is also somewhat limited, so Tor Browser is limited to HTTP/1.[01] on Onion sites unless they have a TLS certificate.
Yes it does but you can use Tor with other browsers too so it can make sense if you want to support them.
I wouldn't recommend using Tor with anything other than Tor browser because there are so many browser features that will expose you now. If you don't need the Tor browser protections, you probably don't need Tor either.
Fair point but using Tor even if you don't need it, just to put more legit traffic noise in the network is a valid use case.
Given the actual correlations attacks governments have done on Tor traffic, I don't think more traffic moves the needle in any appreciable way. Ultimately the Tor architecture is very vulnerable to timing and correlation attacks (never use something like IRC over Tor), and the kinds of changes that would be needed to mitigate those would probably slow it down past the point of usability.
One could argue, given the limited bandwidth of the Tor network, that by using it when you don't need it, you make the experience for those that do need it worse (looking at you everyone who tries to torrent over tor).