There's a twisted weird worldview that FOSS Projects should always leave people the choice and by that always offer an insecure option https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=224097 … had the same when I discussed savannah's lack of default HTTPS
The sw should do what the user wants it to do. This in no way implies that its maintainers' servers should do insecure crap just because a user wants them to.