[pfg]

I like to think that this is the right approach, especially for shared hosting environments (which is what this announcement is about, presumably). These site owners already trust OVH to host their sites and to hold the private key for a certificate that is valid for their domains (or rather used to be, until it expired). You'll always find someone who's annoyed by a change or uses a setup that broke because of this (maybe they've pinned to a specific key and ignore expiration dates ...), but that doesn't seem like a common use-case or one that they should aspire to support.