WardCunningham thinks we should abandon HTTPS: http://found.ward.bay.wiki.org/view/https-means-business
HTTPS encrypts browser/server communications so that attackers in the middle can't sniff them.
It also provides signing/authentication so servers can prove who they are.
Unfortunately, that makes it rely on trusted, centralized authorities to sign/authenticate the servers, which creates a two-tier system. Big companies get signed by other big companies, and the little guys find it much harder.