HTTPS Requirement (HSTS)
Some [[new-gtld|new gTLDs]] like .dev, .app, and .page are included in browser HSTS preload lists, meaning they require HTTPS for all websites. This is enforced at the [[tld|TLD]] level, making [[ssl-tls|SSL/TLS certificates]] mandatory.
Example
Any website on a .dev or .app domain must have an SSL certificate — browsers will refuse to load HTTP-only sites on these TLDs.