In response to the recent Google HTTPS flaw discovery (don't worry, it's nothing major -- just a technical point), I've now decided to start adding this flag to all of my cookies, as well.
There's an easy way to do it with Ext, too, and I did this right away with my cookie-settings scripts in Domino.
In your cookie setting function, after whatever assignment you use to create the "Path" part of the cookie, just add:
(Ext.isSecure ? ";secure" : "")
So, the end of your cookie string should look somewhat akin to:
And that's it! Now, just check your cookies in FireCookie to see the "secure" flag taking effect: