Mandatory-to-implement does not mean mandatory-to-use.
If we change 3DES to AES, things don't instantly stop working. If we do
that, 3DES would be a SHOULD, of course, and there will be a note that
says that if you don't implement 3DES there could be interoperability
issues.
I don't think that any reasonable implementor is going to run right out
and code stupidly. It will obviously take a couple of years before
someone can safely assume, for example, that the
algorithm-of-last-resort would be AES.
However, if we ever want to roll 3DES over to AES, we have to start
sometime. The couple of years of bake-in doesn't start until a change
is made. Why not now?
I'm willing to concede the point on SHA-256, I wouldn't have brought it
up at all if NIST hadn't said a couple days ago they're phasing out
SHA-1 and rolling to SHA-256.
Jon