[kkl]

It depends on who you ask, but I personally don't think hard certificate validation failures are a bad thing.

[rocqua]

HKPK has the potential problem that losing / compromising 2 keys leaves your site unavailable until the pin expires.

[kkl]

This is a common theme in this thread but I'll re-state it here:

Web browsers cannot reliably distinguish between a configuration mistake and an attack.

For this reason, I think hard HPKP fails are a good thing. For those who opt-in to HPKP, this is a risk one takes in exchange for greater control over certificate validation.