You can achieve similar benefits of verification with PGP and similarly rich object level encryption.

Be careful of gotchas in how PGP or similar work, if you choose it (notable what is or isn't plaintext).

Object level encryption typically allows for better separation of concerns as it does not bottleneck to a unique domain:port to seperate encryption contexts. It also eases separation of public facing encryption risks from private internal ones.

If a public server is breached, all HTTPS traffic can be read, but if it proxies a more secure, perhaps simpler application environment (perhaps a microservice for the specific functionality), then that application environment is not affected by vulnerabilities in unrelated public facing features (like a backup microservice might not care about how to render HTML/JavaScript, so wouldn't be vulnerable to common web XSS attacks).

It allows other benefits like: - it faciliates only user can decrypt data being sent (good for backups)

- intermediate services to load balance and block DOS don't have to be exposed to the plaintext data, only the necessary service that needs it

- many to many encrypted messages over one connection (TLS is many to 1 decrypting endpoints)

- intermediate caching and redelivery of messages can be done with ease

- similarly verification of the data with signatures reduces risk of data corruption being missed that may happen during transport.

- you don't have to depend on the Certificate Authority model (which is questionnably secure given the history of revoked CAs), you can use your own trust store or your own web of trust that could be shared with appropriate third paries or the whole web.

- if others can think of more, please suggest them

The encryption can just be used for verification (signatures) and this is very valuable for trusted content distribution, especially if you want to scale it using third parties.

Because of these properties PGP or similar object encryption technologies often play a part in secure forms of backups, email, instant messaging, software repositories and handling sensitive data in more regulated industries (health, finance, etc).

Arguably, both TLS and object level encryption together are worth doing, as object level encryption may sometimes make it more obvious who the sender and target identities are and this metadata may in itself be of a concern to leak.