Oddbean new post about login | logout It's about the reader, mainly. No insight into what pages were requested, predominantly. For webserver, guarantee of integrity, i.e. no providers injecting ads or scripts. Or otherwise changing content. Etc.
Actually, come to think of it .. static content is easily copied, so SSL/TLS's authenticity verification is not so meaningful, the normal case validates the domain only. But then, the content could easily be copied and hosted from another domain, which can just as easily have a valid cert.