I note that the xp-dev.com website (delegated SVN space) offers a regular HTTP login page but this page then has link to a "secure login" which is a login page but under SSL.
I wonder what the point of defaulting to HTTP was when surely an SSL login page would be better anyway?
Is it a browser compatibility issue? Do any other websites do this?
SSL is a big hit for sever performance compared with http, so I would guess that the webmaster is worried about scalability. The visitors who are concerned about high security can make the extra click to use the SSL login.
Some broswer or script will not accept SSL, so unless SSL is really mandatory (it's mandatory when you will submit/access sensitive data CreditCard number, .. ) it's generally a good idea to keep an HTTP login page for people that can't use SSL.
In your case it's more likely that information on this site when your are logged is not very confidential (I mean it's not you bank account) so they choose to offer a default HTTP login page, this use less CPU on server (SSL use a lot of CPU) but they still allow HTTPS login for user wanting more security. (or think that their network can be sniffed)