> Except most big orgs now employ MitM tools like BlueCoat to sniff SSL connections too.

This. A long thread mostly advocating HTTPS everywhere and only one mention of this. Would any of the knowledgeable HTTPS advocates here care to comment on it?