Libp2p QUIC with npub is faster than websockets with DHKE noise.

In the case of Nostr, Libp2p QUIC provides better security against MITM attacks… if you know the relay’s npub and can establish an encrypted connection with it. Npub is used as the Libp2p ID.

If you don’t know the key to the nodes you’re connecting to then noise is indeed the way to go — ephemeral key generation — given you can’t use their known npub to stop MITMs. CAs were made to stop MITMs especially — this gives us our own way of doing it, if you have the relay’s key from a trusted source beforehand.