We initially did HTTPS just for the login page. Now it's sitewide, helped by the fact we now host the site within our LAN and then reverse proxy the site externally (so internal users get quicker access).
IT insisted on HTTPS initially as staff/students use their college network login to access our instance. Everyone is happier now it's sitewide, and with the new caching system prescribed by moodle 2.9 it's probably the fastest it's been too.
The sole pain is the odd iframe embedding a resource which is non-HTTPS, which on college desktops triggers the yellow 'only showing secure content' warning footer. But those are the exception rather than the rule now.