Thank you for your responses, guys.
It is the link in my signature: http://tribulant.com
From the home page, add something to the cart by clicking "Buy It Now" button on any of the products in the slider.
You'll see it adds, redirects to the cart which is on https:// (SSL) but it doesn't validate. Refresh the page and then it validates.
With something in your cart, go to the home page again which is http:// (non-SSL).
Then click the "My Shopping Cart" link in the header to go to https:// (SSL) cart page, it doesn't validate.
Then clicking that link again or refreshing, it works.
We've used SSL on many sites and never seen this problem.
It also used to work fine. I'm just stumped, that's why I'm posting here because there are very savvy and clever guys here which could spot something which we cannot.