I think it would be useful if there was an extension / add-on that could force SSL connectivity where possible to prevent eavesdropping on normal web connections.
The extension should have a default user friendly preference, where https is tried first, but http is allowed as a fall-back if https is not available (or the page deliberately redirects https to http connections).
For the more paranoid amongst us, there should be an additional preference to disable the fall-back mode.
To go with this, there should also be a user maintainable list of known sites that must always use https, or can use http, overriding the above preferences.
I can currently do this to an extent (i.e. on a site by site basis) using the NoScript extension, but it would be nice to have a blanket ‘always try https first’ setting.