Thanks to Snowden & Bruce Schneier, we now know the answer. secp256r1 has an NSA backdoor - see
http://www.linuxadvocates.com/2013/09/is-openssls-cryptography-broken.htmlSo - while a backdoor is not really a "honeypot" this is the best answer:-
* NIST has made an intentionally poor suggestion to use secp256r1, so it acts as a honeypot. they have found that Koblitz curves are actually more secure than the random ones.
* Satoshi had information which led him/them to believe that secp256r1 was indeed a honeypot and that secp256k1 was the better choice for real security
RedHat have consistently refused to include ECC in their products for a long time now.
They won't discuss why apart from saying 'possible patents' which in my opinion is bullshit.
However they have recently decided that these patent issues have been resolved after so many years of bullshit and in the next version of RedHat Enterprise Linux they will include the OpenSSL version with ECC support it's been lacking for so long.
It's worth mentioning that they made it into quite a complex job to upgrade to an ECC compliant OpenSSL without potentially wrecking your linux installation.
The whole thing stinks of a secret court order to me.
Does this give more credence to Ed25519 ?