Currently when.js's deferred looks like a promise, and encourages people to expose it to callers. The problem is that it's not safe to do so, since it's not frozen, and it also has the resolution methods.
This could be a major breaking change for some folks, I'm sure, so we should start talking about it now.
+1, as you might have expected :)
IMHO, the only reason to keep deferred.then is convenience of typing deferred.then instead of deferred.promise.then.
The downside, as stated above is that it's easy to make the mistake of returning a deferred (instead of its promise), thus exposing the resolver to code that should only have access to the promise.
Removed from dev-200 in 041dd2b