SSL* by default is inevitable.
Though this is a good first step (well done CloudFlare!), eventually these base SSL certificates will be so cheap as to be ridiculous. Hell, I bought 5 years of SSL certificate for my domain for something like $50. If you have any reason to have SSL, even a popular forum requiring login, then SSL is a drop in the ocean against hosting, bandwidth and even just simple management costs.
The certification authorities wouldn't allow this (specifically the wildcard domains) without knowing that the money they get from them is going to plummet soon anyway. That's pretty much why they want to push EV and like it when Chrome drops support for 1024-bit, etc. They can give the old stuff away for free while pushing the stuff that won't be warning in your browser next year.
And there are already "free" SSL certificates out there on this level, you just have to dig for them.
And, to be honest, where we need to worry is things like SSL on email, etc. which is disgustingly easy to configure nowadays if you own any domain SSL certificate (or even a self-signed one). I'm pretty sure my SSL cert is running not only my domains, but my email, DKIM signature and things like SSH etc. (with different passphrases in some instances, granted).
(*Please replace SSL throughout with TLS etc. as I'm pretty sure my servers don't accept SSL 2.0, 3.0 or anything else nowadays).