Often I hate the hoops we jump through in order to provide the illusion of security:
Amazon CloudFront HTTPS delivery can be used to transfer inherently sensitive objects to your users, to avoid security warnings that some browsers present when viewing a mix of HTTP and HTTPS content, or for anything else that needs to be encrypted when transferred. [email from Amazon today, announcing the new service]
Yes, I know that every step along the way here is reasonable. It just feels wrong, y’know?