Hacker News

fc417fc802 yesterday at 6:46 PM

I don't see the issue. "Anything that openssl actively supports" plus providing a default seems like an extremely reasonable stance to take.


Replies

xnyan yesterday at 10:49 PM

> reasonable stance

Within the last 12 months, I had to write a script for a buddy at work that turned off availability of freaking 56 bit DES in OpenSSH, which was available because it was provided by openssl. I'm certain it was still there to provide compatibility for something(s) critical out there that depends on it, and while I can't imagine why anybody would choose to use it, it's there and it's awful.

lxgr yesterday at 9:01 PM

“Supported by OpenSSL” is not a seal of quality in any sense.

It still supports a bunch of outdated crap including (on my system) RC4, RC2(!) and DES (yes, the 56 bit key one, not just 3DES).
