Yes, but there are ways to get around all these problems and still be able to do it! The idea is to use a combination of HTTPS and HTTP wisely so that AJAX requests can be done without the HTTPS overhead. HTTPS is only used once during login.

Why even bother with SSL? If your main audience is the web crowd, you can simply use something like aSSL [http://assl.sullof.com/]. Then transfer statically encrypted content via http. This does work for most but not all. I know I'll get flamed to death, but I just filed for a patent that addresses the Achilles heal of aSSL - man-in-the-middle attacks.

same problem here. how about converting all px to pt ??? that will give you consistent results but needs to be done intelligently. not sure you can do it in a static CSS