I don't think it's fair to say the operational overhead would be next to none. As it stands right now, most services that use per-user subdomains get wildcard certificates. Let's assume that wouldn't be an option for a service like tumblr, which has per-user subdomains. They have ~350 million users, that's not really practical to maintain. And that's just one big site, there are plenty of others. This would not just overwhelm the issuance capacity of most CAs, but it would also be a problem for many other components of the Web PKI, like Certificate Transparency log servers, which have so far only needed to handle a total of ~450 million certificates (many of which are duplicates that have been logged to multiple servers).

There's certainly a place for wildcard certificates, but I definitely agree that they should be used sparingly.