Mark,
I see what you are saying, but I disagree. I have three reasons for that (average user, best pratices and performance). I will focus on the first one, but if you would like I can explain all.
If someone implements https, he or she must be prepared do deal with certificate problems, pay attention on expiration dates and check browsers support. In fact, most browsers will alert the user when something is not as expected. To avoid problems like that, I prefer https on my side (wordpress panel) leaving http to the average user.
In my case, wordfence is getting live traffic info using https while the whole site is using http. It is not a bug. It´s more like a feature request.
Wordfence is a 'must use' plugin and I thank you for this wonderful work.
Miguel