Sunsetting of OCSP in favor of older technology?

Oh, very much agreed. Like those examples on the Mozilla security list say, many companies just don't want to mess with production ever, which makes sense, but I feel like if the norm were to just have two (or three) certs loaded into production at all times, and production just picked whatever one wasn't revoked (or the admins were allowed to switch which cert was active without falling afoul of their org's rules for "touching" the server unnecessarily), there would be more uptime everywhere. Even if you want an expensive OV/EV (or even DV) cert as your primary, getting one or two backup DV certs from free CAs seems like it should be relatively easy to set up (at least compared to the risks it mitigates). And the paid CAs have management software that should be able to just automate everything for the organization (that is, one of the benefits to a paid CA is that the CA should be able to take care of everything so you don't need to think about it). Honestly, even if the CA wants to be the sole provider of certs, having it be normal to give organizations two different active certs from different intermediates run out of different datacenters feels like it should be the bare minimum.

But people don't ask me. :)
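The failover the post describes, as an added example that is not code from the original post or from any CA's tooling: a few certs are loaded at once, and the server serves whichever one is still usable, preferring the current one so nobody has to "touch" production just to change certs. It uses only the standard library; the revocation result for each cert is assumed to come from an OCSP or CRL check run out of band, and all candidate certs, issuer names and dates are constructed for the example.

```python
"""Select which of several pre-loaded certificates production should serve.

Added example, not code from the original post. It models the "keep two or
three certs loaded and serve whichever one isn't revoked" idea with stdlib
only. Revocation and expiry facts are supplied by the caller (for instance
from an OCSP/CRL check run out of band); the sample data below is constructed.
"""
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Optional


@dataclass(frozen=True)
class Candidate:
    name: str           # label for the loaded cert, e.g. "primary-ov"
    issuer: str         # issuing intermediate, used for the diversity check
    not_after: datetime
    revoked: bool       # result of an OCSP/CRL check done by the caller
    priority: int       # 0 = preferred cert, higher numbers are backups


def usable(c: Candidate, now: datetime, margin: timedelta) -> bool:
    """A cert is usable if it is not revoked and will not expire within `margin`."""
    return not c.revoked and (c.not_after - now) > margin


def select_active(candidates, now: datetime, current: Optional[str] = None,
                  margin: timedelta = timedelta(days=7)) -> Optional[Candidate]:
    """Return the cert to serve, or None if nothing is usable (alert a human).

    Policy: keep serving the currently active cert while it remains usable, so
    a healthy primary is never switched away from unnecessarily; otherwise fall
    back to the usable cert with the lowest priority number, and among equals
    the one that expires last.
    """
    ok = [c for c in candidates if usable(c, now, margin)]
    if not ok:
        return None
    if current is not None:
        for c in ok:
            if c.name == current:
                return c
    return min(ok, key=lambda c: (c.priority, -c.not_after.timestamp()))


def diversity_warnings(candidates) -> list:
    """Names of backups that share an issuer with the preferred cert.

    A backup from the same intermediate as the primary buys little: an issuer
    incident that revokes the primary will usually take the backup with it.
    """
    by_prio = sorted(candidates, key=lambda c: c.priority)
    primary = by_prio[0]
    return [c.name for c in by_prio[1:] if c.issuer == primary.issuer]


# Constructed sample data (hypothetical issuers and dates).
SAMPLE_NOW = datetime(2025, 1, 1, tzinfo=timezone.utc)
PRIMARY = Candidate("primary-ov", "PaidCA Intermediate A",
                    SAMPLE_NOW + timedelta(days=300), revoked=False, priority=0)
BACKUP_FREE = Candidate("backup-free", "FreeCA Intermediate X",
                        SAMPLE_NOW + timedelta(days=60), revoked=False, priority=1)
BACKUP_SAME_CA = Candidate("backup-same-ca", "PaidCA Intermediate A",
                           SAMPLE_NOW + timedelta(days=300), revoked=False, priority=2)
SAMPLE_CANDIDATES = [PRIMARY, BACKUP_FREE, BACKUP_SAME_CA]


def run_scenarios() -> dict:
    """Walk through the cases an operator cares about; returns cert names."""
    from dataclasses import replace
    revoked_primary = [replace(PRIMARY, revoked=True), BACKUP_FREE, BACKUP_SAME_CA]
    all_bad = [replace(c, revoked=True) for c in SAMPLE_CANDIDATES]
    free_expiring = [replace(PRIMARY, revoked=True),
                     replace(BACKUP_FREE, not_after=SAMPLE_NOW + timedelta(days=3)),
                     BACKUP_SAME_CA]
    pick = lambda cs, cur=None: (lambda c: c.name if c else None)(
        select_active(cs, SAMPLE_NOW, current=cur))
    return {
        "healthy": pick(SAMPLE_CANDIDATES),
        "primary_revoked": pick(revoked_primary),
        "no_churn": pick(SAMPLE_CANDIDATES, cur="backup-free"),
        "backup_expiring_soon": pick(free_expiring),
        "everything_revoked": pick(all_bad),
        "diversity_warnings": diversity_warnings(SAMPLE_CANDIDATES),
    }


if __name__ == "__main__":
    for case, result in run_scenarios().items():
        print(f"{case}: {result}")
```

The `current` argument is what keeps this compatible with a "don't touch production" rule: as long as the cert already being served is unrevoked and not about to expire, the selector returns it unchanged, and a switch only happens when the active cert is actually bad. The `everything_revoked` case returning `None` is deliberate; that is the point at which a human has to be paged rather than the server guessing.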

Sure, that too.
