Here at Stack Exchange we're working on moving all traffic to SSL. The reason we're not doing logged-in-users only is that one side of the login divide would suffer a redirect from Google every time. This happens because Google's only going to have http:// or https:// in the results, not both. Aside from building the SSL infrastructure (details here), the outstanding question we have is: how do we best transition to SSL?