Open federated protocols with no obligation for providers to upgrade as the security landscape changes are a betrayal of user security and privacy of the highest order.

HTTPS is only becoming reasonable because Google can use its monopoly power and forced upgrade mechanism to bully website owners into adopting better practices. If we had a fragmented ecosystem of many open source browsers with user-consent upgrades and similar market share like the open web people wanted, certificate transparency would remain academic.

Personally, I consider the median advocate of open federated protocols to be more culpable for the wholesale violation of user privacy than the median NSA staffer.