> While certificate-less TLS is in theory possible with RFC7250 bare public keys Pre-shared keys (PSK) don't require certs, maybe that meets the need. A thing to know about PSK is that each side is fully trusted, and if one side gets the key stolen, then the thief can pretend to be either side.