If you're logged into https://xenforo.com/community and you click on a link to the non-SSL version of the site, you are logged out and not only that, you are further logged out from the SSL version of the site also.
I think a similar happens when the reverse is true, also.
It makes it quite a fragmented experience.
Realistically there's only two options, go back to forcing HTTP only or migrate to force HTTPS only. Unless there is anything that can be changed to prevent the cookies being such an issue. I assume the only thing that could be changed, though, is the secure flag on the cookie...
Just a thought, anyway. I think people would probably prefer to browse the entire site with HTTPS, especially as the rest of XenForo.com does the same.