"Pretty standard" != secure. Ex. Heartbleed.
shared hosting
Yes, this is a case to consider. I believe the best option is having a hoster integrate LE into their infra, ex. GitHub - plesk/letsencrypt-plesk: Let’s Encrypt extension for Plesk gives all Plesk users the power to get a free Let’s Encrypt certificate with just a couple of clicks.. Another option is asking the hoster for API, and yet another is trying to hack it out by emulating browser, which is problematic.
I think there will be hosters incorporating LE in their products (I think I've seen a discussion somewhere), which is certainly best for end-user.
Another thing to note is that LE's goal (AFAIC) is not to just give everyone free certs; it is to build an encrypted web, with safe transport. To achieve high spread, making your service secure should be easy, as close to run and forget as possible. Which can only be done with some constraints such as regular rotation and only automated. Sure, initially not all cases may be covered, but for most this is just a matter of time (i.e. of written Installer's). And for a small part left - LE is just not targeted at these.
(I should have migrated to the other thread.)