> "how would I as a Python application programmer actually use Noise", I don't see the applicability.
Depending on who that list is for, I could agree with you.
This recommendation comes from the fact that I'm seeing a LOT of companies who want to have their own secure protocol on top of whatever protocol and end up re-inventing the wheel to avoid the bloat of TLS. Noise is good advice for these custom-made protocols. I wouldn't replace TLS in the advice, but add a note: "if you really do not want TLS, there is Noise, but that's it!"
> Similarly: I like Blake2 more than I like SHA-2, but SHA-2 is universally available and strong
Agree, but if we want to move to nicer/stronger algorithms we must start recommending them at some point. I want to see a push for Argon2/Blake2/SHA-3 in general.
> part of the point of recommending SHA-2 was to recommend against Keccak
Ah well, Keccak is so interesting (not only for hashing) that I would be sad if it ended up not being used in the decades to come. If you're feeling this way because of the efficiency: that's why I recommended KangarooTwelve; if you're feeling this way because of the crappy spec: alright, you win.
> I don't think I actually made a key derivation or fingerprint recommendation. I like HKDF!
What are you waiting for! :)