ted, great post.
two things i might further stress.
encrypting as much as reasonably possible spreads the cash of the
pervasive passive attacker.
there may be 600+ 'trusted' CAs. but what is actually used is a bit
surprising
"Analysis of the HTTPS Certificate Ecosystem",
Z. Durumeric, J. Kasten, M. Bailey, J.A. Halderman (University of
Michigan)
http://conferences.sigcomm.org/imc/2013/papers/imc257-durumericAemb.pdf
fix needed here.
randy
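The "what is actually used" point above is a measurement question: take the certificates you actually see on the wire and count which CAs issued them. As an added example (not part of the post or of the Durumeric et al. paper, and not the paper's tooling), the script below walks the DER structure of each certificate far enough to pull out the issuer's Organization attribute and then reports how concentrated issuance is. The certificate bytes are constructed inline as unsigned skeletons with hypothetical CA names, so it runs offline; on real data you would feed it DER blobs decoded from a PEM bundle instead.

```python
"""Tally issuing CAs across DER-encoded X.509 certificates (added example).

The DER walker only follows the path Certificate -> tbsCertificate -> issuer
Name -> Organization attribute; it does not validate anything. The sample
certificates are constructed here (no signatures, dummy SPKI) purely so the
script is self-contained; the CA names are hypothetical.
"""
from collections import Counter

OID_ORGANIZATION = bytes.fromhex("55040a")  # value bytes of OID 2.5.4.10 (O)


def der_len(n):
    """DER length encoding: short form below 128, long form otherwise."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def der(tag, body):
    return bytes([tag]) + der_len(len(body)) + body


def read_tlv(buf, pos):
    """Return (tag, value bytes, position after the element) for the TLV at pos."""
    tag = buf[pos]
    length = buf[pos + 1]
    pos += 2
    if length & 0x80:                      # long-form length
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    return tag, buf[pos:pos + length], pos + length


def issuer_org(cert_der):
    """Extract the issuer's Organization (O=) from a DER certificate, or None."""
    _, cert_body, _ = read_tlv(cert_der, 0)          # Certificate SEQUENCE
    _, tbs, _ = read_tlv(cert_body, 0)               # tbsCertificate SEQUENCE
    tag, _, after = read_tlv(tbs, 0)
    pos = after if tag == 0xA0 else 0                # skip EXPLICIT [0] version if present
    _, _, pos = read_tlv(tbs, pos)                   # serialNumber
    _, _, pos = read_tlv(tbs, pos)                   # signature AlgorithmIdentifier
    _, issuer, _ = read_tlv(tbs, pos)                # issuer Name: SEQUENCE OF RDN
    pos = 0
    while pos < len(issuer):
        _, rdn, pos = read_tlv(issuer, pos)          # RDN: SET OF AttributeTypeAndValue
        p = 0
        while p < len(rdn):
            _, atv, p = read_tlv(rdn, p)
            _, oid, q = read_tlv(atv, 0)
            _, value, _ = read_tlv(atv, q)
            if oid == OID_ORGANIZATION:
                return value.decode("utf-8")
    return None


# --- constructed sample input (unsigned skeleton certificates, hypothetical CAs) ---
def _name(org):
    atv = der(0x30, der(0x06, OID_ORGANIZATION) + der(0x0C, org.encode()))
    return der(0x30, der(0x31, atv))


_SHA256_RSA = der(0x30, der(0x06, bytes.fromhex("2a864886f70d01010b")) + der(0x05, b""))


def skeleton_cert(issuer, subject, serial):
    """Build a structurally valid but unsigned v3 certificate for testing the walker."""
    tbs = der(0x30,
              der(0xA0, der(0x02, b"\x02"))                       # version v3
              + der(0x02, bytes([serial]))                        # small positive serial
              + _SHA256_RSA
              + _name(issuer)
              + der(0x30, der(0x17, b"240101000000Z") + der(0x17, b"250101000000Z"))
              + _name(subject)
              + der(0x30, der(0x05, b"")))                        # SPKI placeholder
    return der(0x30, tbs + _SHA256_RSA + der(0x03, b"\x00" * 9))  # dummy signature


_ISSUERS = (["CA Alpha"] * 6 + ["CA Beta"] * 3 + ["CA Gamma"] * 2
            + ["CA Delta"] + ["CA Epsilon"])
CONSTRUCTED_CERTS = [skeleton_cert(ca, "host%d.example" % i, i + 1)
                     for i, ca in enumerate(_ISSUERS)]


def tally_issuers(certs):
    """Count certificates per issuing organization."""
    return Counter(issuer_org(c) for c in certs)


def top_share(counts, n):
    """Fraction of all certificates issued by the n most common issuers."""
    total = sum(counts.values())
    return sum(k for _, k in counts.most_common(n)) / total


if __name__ == "__main__":
    counts = tally_issuers(CONSTRUCTED_CERTS)
    for org, k in counts.most_common():
        print("%-12s %d" % (org, k))
    print("top 3 issuers cover %.1f%% of certificates" % (100 * top_share(counts, 3)))
```

The walker deliberately stops at the issuer Name; extensions, signatures and chain building are out of scope. With real certificates the interesting number is the gap between the size of the trust store (the 600+ figure above) and how many distinct issuers show up with any meaningful share.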