Why would "OpenSSL shipping it" make a difference? It's not like Poly1305 is the only MAC available in the "modern cryptography" bucket; you can use AES-GCM as well.
I am not completely against de-facto standards, but, in the TLS space, Chacha20/Poly1305 is not one. At this time it's mostly used only by Google/Chrome (AFAIK, no other clients support it); we'd need to see better browser support (multiple organisations) and wider server-side support before we can accept it on the basis of widespread use.
Accepting non-standard crypto is a slippery slope, which is why I'd rather take a very conservative approach.
P.S. You mean RFC 7539, which came out only a couple of days ago. Now we only need another RFC for the use in TLS.
They can, if they're using Chrome and the server has compiled OpenSSL from source and applied the relevant patches, linked to in the article, required for OpenSSL to support it.
Sure, but we can't encourage it's use until people can get access to server software that includes it, and openssl - and everything that links to libssl - doesn't right now.
I know, that's why I linked to those patches in the article, then subsequently mentioned their existence in another response to you three hours before you wrote the above.
That doesn't change that people won't use it until it's in openssl properly and they don't have to maintain a patched version themselves.
I don't understand why a sober assessment of people's SSL implementations should account for stuff like this.
There are two options: enable the only modern native stream cipher available for TLS, and with it the only polynomial MAC that doesn't require hardware support (and thus the best polynomial MAC available for mobile devices), or don't.
The former option is superior to the latter option. The latter option is easier, but: nobody said engineering was supposed to be easy.
Either SSL Labs is evaluating the quality of TLS implementations, or they're evaluating something else. Arguments like the ones I see on this thread suggest it's "something else".
I think not negotiating GCM on a browser where GCM is available and not using it will produce a warning should cap the mark at a B.
Understood re: IE.
Agreed re: ChaCha20/Poly1305, at least until openssl ships it (and maybe longer).