GitHub User: gorrillamcd
Well, there's caching considerations. With https, a user can't take advantage of any caching between the web server and client. There's also extra negotiation between the client and server to setup the connection. For those of us privileged enough to be on a satellite connection, it kills the speed. But even for those on a normal connection it can slow it down.
The information for implementing cancan hasn't really changed much for Rails 3. You can check out the wiki for cancan, which is what I recently used to get it up and running on my app: CanCan wiki