Comment by TruePath

Lots of the real world vulnerabilities out there exist exactly because of people choosing to support a range of crypto algorithms.

Sure, if it's an internal tool you can recompile both ends and force a universal update. But anything else and you need to stay compatible with clients and anytime you allow negotiation of the cryptosuit you open yourself up to quite a few subtle attacks. Not saying that choice about go is clearly a good one but i don't think it's obviously wrong.