by tialaramex 2496 days ago
> why use certificates if you can use plainkeys?

TLS is for use to connect arbitrary peers on the Internet, which means you're going to need a PKI. So that means certificates.

I don't happen to agree with Noise's philosophy about agility, but that's one of those things where we'd have to agree to disagree in the short term. In terms of replacing TLS, Noise just isn't in the picture at all.

1 comments

For browsers sure. But if you're not using a browser and you're using TLS it's just a bad idea.

You can do PKI with plainkeys. You definitely don't need the complexity or x509 certs.

Nope. As I said, if you need a transport layer to connect arbitrary peers over the Internet, TLS is exactly what the doctor ordered and it already exists. Already studied, already got libraries that implement it, already got test frameworks, everything is in place. An alternative even if it was technically no worse (which isn't guaranteed) and available today (impossible) doesn't have those things.

> You can do PKI with plainkeys.

Nope. A PKI specifically involves the binding of keys to identity, that's what the certificates are for. You don't have to have X.509 (though I'll argue you might as well) but you need that binding.