Well, epel has extra packages. They are by definition not essential to the functioning of the OS. Why you wouldn't want those from a rapidly updating or rolling-release repo is something I don't understand.
EPEL not being enabled by default I find a little weird, but sure it's not the end of the world.
The thing I find strange is that the people I'm talking about will happily run code from random 3rd party repos (providing PHP 7.0 or similar), and copy/paste repo key fingerprints from the web without blinking, while steadfastly refusing to use an OS with such packages included and tested in the official repos "because security/quality/enterprise".
The thing I find strange is that the people I'm talking about will happily run code from random 3rd party repos (providing PHP 7.0 or similar), and copy/paste repo key fingerprints from the web without blinking, while steadfastly refusing to use an OS with such packages included and tested in the official repos "because security/quality/enterprise".