still how do you give the user the option to say "I know what I'm doing."
I get that access to an unknown site with unknown content with a dated cipher should _by default_ break. By default!
I do not get that I cant't access a well known site any longer because that site that I don't control just doesn't update their cipher. In that latter case I need to and want to be able to override the default recommendation of the gurus --- without having to rebuild my client!
> still how do you give the user the option to say "I know what I'm doing."
You make configuration available. Most of these disabled-by-default protocols can be enabled by a user who really knows what they are doing (and isn't just saying so). A few might have been outright removed from the code base. In that case, you really need to know what you are doing, but you can still bring them back by installing a custom patch or downgrading the program in question.
I think it is a good idea to create friction along pathways that are probably mistakes. The people who really need to go down that path will put in whatever effort is necessary, while people who are motivated by the path of least resistance will be nudged in a safe direction.
I get that access to an unknown site with unknown content with a dated cipher should _by default_ break. By default!
I do not get that I cant't access a well known site any longer because that site that I don't control just doesn't update their cipher. In that latter case I need to and want to be able to override the default recommendation of the gurus --- without having to rebuild my client!