I've run into such folk and have to dive into secure sockets such as SSL (which is HTTPS) and wonder why we are considering yet another security design.

Something's off here. Tell me why https is not good enough as trillions of dollars of business is done with it every year.