ldap.conf(5) was designed to provide defaults to be used only when the user requested use of the default. For instance, the URI default is only used when the user requests the command line to use the default (by not providing a -H option). If one were to add an option to ldap.conf(5) to provide a StartTLS default, maybe "StartTLS [no|yes|auto|critical]", there should be a command line flag that says "use the StartTLS default".
Best regards, Michael