Huge props to the Chromium team for doing this; it's an excellent precedent.
SSLv3 is broken, and the only reason it's been so well-supported is that the browsers were unwilling to break web servers; the operators of those servers can't be counted on to fix them, and users direct their ire at the browser vendors. But apparently there's a red line across which the browsers won't make up for broken server configurations, and POODLE crossed it.
this is good news--Firefox leaving users vulnerable to well-known attacks by default for just a few months is actually a major improvement (not being sarcastic).
mozilla security engineers have a history of making excuses of the "let's continue doing this incredibly unsafe thing in Firefox in the name of legacy compatibility" variety. i'm thinking of folks like julien vehent & brian smith here, but kudos to the rest of the mozilla security team for finally starting to move beyond the tortured logic of defaults that leave all ff users vulnerable.
SSLv3 is broken, and the only reason it's been so well-supported is that the browsers were unwilling to break web servers; the operators of those servers can't be counted on to fix them, and users direct their ire at the browser vendors. But apparently there's a red line across which the browsers won't make up for broken server configurations, and POODLE crossed it.