>TL;DR: Bing doesn't support SSL on www.bing.com and has never publicized it as a supported feature. The submitter had to manually type https://www.bing.com into the address bar to generate this 'error'.

Or use HTTPS Everywhere. Personally, I'd also like it if in future, web browsers would try HTTPS first and HTTP second.

I don't think browsers should assume that http://blahblah and https://blahblah refer to the same resource.

Why not?

Because it's up to the individual website administrator to ensure he published them both the same way.

I can construct a web server that sends version A of a site over normal HTTP, and version B of that same site over HTTPS.

In fact, sometimes I do that by accident. :)

It's a bad assumption.

The bing.com certificate says it is valid for the following names: ieonline.microsoft.com , .bing.com , .windowssearch.com. So why does https://www.bing.com not match *.bing.com?

Because www.bing.com is served by akamai CDN which is different to bing.com. Therefore the SSL on the site is different.

Why don't they just support the thing that is most reasonably expected and not surprise n00bs like me.

Because it would change a massive amount of infrastructure and get about 10 hits a day.

(OK, 10 hits a day is probably an exaggeration but shockingly little of one.)