To quote a certain Mr Ian Thorpe, look: most of these changes aren't forcing anything down anyone's throat (with the exception of possible the mail certificate issue). MS are simply trying to protect people from dodgy ssl-encrypted sites that should know better (our site has a 2048bit Cert that's been in place for years).
And as for MS security bashing- every OS is written by humans and is therefore flawed. MS should actually be praised, as they were the first company to make it really easy to patch their flawed OS. For example, if you want to know just how buggy Mac OS X is, subscribe to this list:
https://lists.apple.com/mailman/listinfo/security-announceand you'll soon realise that every OS is full of holes.
"The Internet is just like a telephone or the mail system, it's a way to communicate". Yup, totally agree. But both these systems have security systems in place that we didn't choose; that's why you can't send a bomb through the post. I didn't ask the Post Office to impose that particular rule, but I still have to live with it and it makes a lot of sense.
I just can't see where the problem lies; the house/ shed falls apart because these are single person/ family issues. If you leave all your doors open that's no skin off my nose. But once a resource becomes shared, different security comes into play. Why else are banks hard to get into? You might be a millionaire who could afford to lose half your cash but I'm not and therefore can't- so the bank has to protected well enough to serve everyone (quite besides the economic chaos that would ensue if banks started leaking money that visibly).
I really do think this is just another extension of the "resonable security" argument; no-one is being force to run their websites over SSL, but those who do need to comply with certains standards. This "imposition" of security standards happens over and over again in our daily lives except most people don't see or think about it long enough.
