If I visit website A it should not know that I also visited website B. HTTP or HTTPS is irrelevant - they are totally separate connections and this does not assume anyone is in the middle.
Of course, there are attacks that already work using cache timing, but that isn't a good thing.
I know a handful of attack that work, and a few more vectors that won't be fixed as well. So why bother, exactly? It's neither a big concern nor fixable in current web design.
Of course, there are attacks that already work using cache timing, but that isn't a good thing.