Conservationism here is justified, especially so in that one can simply set the key-pool to an arbitrarily high value and obtain most of the values of the fancier schemes, without many of their costs.
I think a reasonable compromise would be to have wallets refuse to use new keys without explicit authorization. If you back up the wallet.dat file, you are safe unless you hit "Yes" on the dialog box confirming that you have backed up.
The client could still generate the keys and add them to the wallet in advance of running out of old keys.
The sequence could be something like:
- When keys are low, generate new keys and inform the user that the wallet needs to be backed up
- When keys expire, ask the user if they have backed up their new wallet.dat file
The user might hit ok, remembering a backup 2 times previously, so it isn't fully secure.
User interaction is only possible in the Qt variant; on the server side it'd just stop working?
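
The refill-then-confirm sequence discussed in this thread, modelled as an added example that is not part of any post and is not Bitcoin's wallet code. Keys are plain integers, every class and method name is hypothetical, and a missing confirmation callback stands in for a server with no user interface.

```python
# Toy model of the proposed sequence; names are hypothetical, not Bitcoin's API.
# Keys are integers standing in for key pairs stored in wallet.dat.

class BackupRequired(Exception):
    """Only keys created after the last backup remain and nobody confirmed one."""

class GatedKeyPool:
    def __init__(self, size=5, low_water=2):
        self.size = size            # keys generated per refill
        self.low_water = low_water  # remaining-key count that triggers a refill
        self.next_index = 0         # next key to hand out
        self.generated = size       # total keys generated so far
        self.authorized = size      # keys [0, authorized) assumed covered by a backup
        self.warnings = []          # messages that would be shown to the user

    def get_key(self, confirm_backup=None):
        """Return the next key index.

        confirm_backup: callable returning True when the user states the wallet
        file was backed up; None models a headless server with no dialog.
        """
        remaining = self.authorized - self.next_index
        # Step 1: keys low -> pre-generate new keys once and ask for a backup.
        if remaining <= self.low_water and self.generated == self.authorized:
            self.generated += self.size
            self.warnings.append("new keys generated: back up wallet.dat")
        # Step 2: backed-up keys exhausted -> require explicit confirmation.
        if self.next_index >= self.authorized:
            if confirm_backup is None or not confirm_backup():
                # Fail closed: never hand out a key that no backup contains.
                raise BackupRequired("refusing to use keys newer than last backup")
            # The model trusts the answer; it cannot verify a backup exists.
            self.authorized = self.generated
        key = self.next_index
        self.next_index += 1
        return key
```

With no callback the pool stops issuing keys once the backed-up range is used up, which is the "just stop working" behaviour asked about for the server side.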