I agree that we shouldn't worry about being non-interoperable with
nonexistent implementations. But I seriously question whether you
can determine that there aren't a significant number of such
implementations. I expect there would be a delay between deployment
of such implementations and use of the STARTTLS feature, so the
"would not survive in the wild" argument is, for me, unpersuasive.
Surely *someone* would have heard of such an implementation if it
I've seen zero discussion of the extent of broken vs. conforming
implementations in groups that are frequented by SMTP implementors.
All I've seen is your claim that most client implementations fail to
follow the spec in sending TLS 1.0 Hello messages. No offense,
but I don't think that's sufficient justification to change the spec.