Legacy roles were originally created to help with transition to new roles system, but unfortunately the transition is not over yet and sometimes the legacy caps are used for something else than intended.

Legacy roles are needed for:
1/ old modules and plugins
2/ not fully converted code in core - guest access, primary admin, creators in ldap sync, restore, etc.
3/ upgrades of existing caps
4/ reseting of existing caps

In general it should be recommended to set legacy type for roles that are similar to old student/teacher/admin/creator and not set for roles that are assigned to add extra capabilities to users that already have student/teacher-like role

Possible solutions:
1/ remove use of all legacy caps from code - the worst problems is legacy:guest; creators are being worked on; it needs extra settings and configuration options which are going to add some more headaches
2/ improve/redesign reset permissions to defaults
3/ add help icon to role definition
4/ improve docs
5/ implement role templates instead of legacy types - or if the legacy types are not used in code, we could just rename the legacy to template.

I am afraid we can not do this properly before the 1.8 release

Any ideas?