It seems the AS is a mapping from some other identity to a pubkey. This is a worry if there is an "other" identity. nostr:nprofile1qqsvnx99ww0sfall7gpv2jtz4ftc9v6wevgdd7g4hh7awkpfvwlezugpz4mhxue69uhkummnw3ezummcw3ezuer9wchsx06t26 just like nostr already has pubkey identities, so what's the problem.
An essay explaining why we don't plan to use MLS: https://www.poberezkin.com/posts/2025-08-12-mls-the-naked-king-of-end-to-end-encryption.html
A sidenote, is that Nostr's Whitenoise avoids its main problem.
TL;DR: MLS security model is "Trust me bro".
Discussion
WhiteNoise is mentioned in the post.
What's not mentioned is how nostr:nprofile1qqsvnx99ww0sfall7gpv2jtz4ftc9v6wevgdd7g4hh7awkpfvwlezugpz4mhxue69uhkummnw3ezummcw3ezuer9wchsx06t26 is different from Whitenoise. Both use pubkeys as identities so both can use MLS without AS.