With the early protocol-relative link HTTP+HTTPS parallel deployments starting (bug 20643), we notice there's not currently any way to specify that, as a particular user account, you want to make sure you log in on HTTPS only. This means it's easy to accidentally log in insecurely even though you wanted to log in securely.
(This should also be sometimes on by default to force all sessions to be secure -- $wgSecureLogin sorta goes in this direction but doesn't force everything.)
In addition to making sure you're automatically sent through to the secure version (or not), this will allow users to receive the appropriate URL scheme in their email notifications: bug 29878.
Bonus points for being able to redirect from http to https links in order to bump over to a live SSL login session when following generic links found elsewhere. (may need another bug)
Version: unspecified
Severity: normal
See Also:
https://bugzilla.wikimedia.org/show_bug.cgi?id=31323
https://bugzilla.wikimedia.org/show_bug.cgi?id=52283