Hardened Kernel Goals

I have been doing some custom kernel compilation base on the default Alpine kernel. I added a decent amount of extra security mechanisms for the kernel such as chroot hardening and trusted path of execution (TPE). How locked down should the default kernel be for Alpine Linux? Should we have an extra version of Alpine the "paranoid" version? What are the core goals of Alpine and how do they affect the choices made for PaX & grsecurity?