Everything I am reading here seems to indicate that as long as you open your SSL sessions in a new browser window, you should be ok. That is what I recommend.
http://threatpost.com/en_us/print/5953
[1]LAS VEGAS–A security researcher
has found a slew of fundamental problems with the way that modern
browsers are designed and built, leading to serious questions about the
security of these applications and the way that they handle SSL
sessions.
The research, done by Robert Hansen of SecTheory, shows that browsers
such as Firefox, Internet Explorer and Chrome have a number of
architectural problems that can essentially negate the security that SSL
is meant to provide for sensitive Web transactions. The techniques that
Hansen has developed, which he demonstrated at the Black Hat conference
here Thursday, give an attacker the ability to do any number of nasty
things to a target machine, including forcing the download of an
executable file, overwriting the URL field in the browser and overwrite
secure HTTPS cookies with non-secure cookies.
A big part of the problem, Hansen said in an interview, is that browsers
don’t enforce policies that would isolate the tabs in an open browser
from one another. This allows an attacker who can control one of the
tabs, say a normal non-SSL session, to also affect content in the other
tabs, even if they’re using SSL. Hansen identified several techniques
that enable him to watch an SSL-protected session and glean a lot of
information about what the user is doing, based on timing certain parts
of the Web session and knowing how long it takes for part of a site to
load. He also can tell whether a user is logged in on a given site and
use a specific technique to log the user out so he can then watch the
login operation and steal the credentials.