It doesn't make any sense at all to do this, some people still haven't turned off the "you are about to view pages over a secure connection" message, so if you're talking about inbound links why potentially prompt a visitor when they click? Just let them in.

Take off the 302, optimize the site for HTTP, and only switch users to pages that actually REQUIRE HTTPS, like the login and checkout. For internal linking, you should just be linking to href="/page.html"> without a domain anyway.

The only thing that you don't want to do is redirect from a secure page to a non-secure page. In IE, that action triggers a security warning, "You are about to leave an encrypted page", which many shoppers would get antsy over.

There's nothing wrong with serving your entire site via secure (SSL) pages. There's a small performance penalty, but not a show-stopper.

If you do offer your pages via SSL, ensure that *every* item on the page is fetched via SSL, otherwise shoppers receive the warning message, "This page contains both secure and non-secure items", which causes shoppers to get antsy.

EDIT: I almost forgot about Cookies. If you serve up cookies, they must be marked as "Secure", per RFC 2109, or else McAfee will go nutso.