I'm a networking guy by profession + a big IPv6 fan as well (yay HN these days! news.ycombinator.com->2606:7100:1:67::26)... but don't hold your breath that IPv6 will lower the price of routers at all, let alone by a factor of 10x. From a hardware perspective there are a few minor gains with changes to the protocol but there are also some losses due to the address and network prefix sizes taking up more expensive TCAM/SRAM.
You still want ports, they actually make networking hardware cheaper overall by moving some of the scaling requirements out of the IP layer and into the transport layer. Imagine needing a router which can hold 1,000,000 IPv6<->MAC address bindings just because you have 1,000 clients in your network using new addresses instead of ports! ND code is more complex than the code to bind to ports, but I still like the introduction of ND more than not regardless :).
IPv6 infra will probably never adopt the cert stuff you mention. The protocol is just designed to be able to, it doesn't mandate it. In practice it's almost never done and having everyone do it would likely be harder than getting people off IPv4 has been. On the internet routing side, PKI with BGP doesn't really care about the address format and works fine with IPv4.
For the network manager the 2 biggest changes are 1) All of their client subnets are /64s, no more subnet mask tables. 2) No more NAT, which feeds into the debugging side of things, though some of this advantage is intentionally lost in a tradeoff for increased privacy via temporary addresses. In the last one it's tempting to tie that back to enormous hardware gains but, in reality, the box at that position of the network needs to statefully track sessions regardless of if it needs to translate them, and that's the majority of the cost.