my overall feeling is that the risk of DoS should be one of the factor we take into account to make the decision but we should also consider how easy is it to use, how easy is it to maintain, how much effort is it to setup.
I agree, and since both burdens (daily maintenance and dealing with DoS) are going to fall on the shoulders of the sysadmins, that's why I'd rather let them order the evils and choose the lesser ;-)
Aurélien