Or one of your browser tabs containing an HTTP-delivered page (any one, really) could arbitrarily be rewritten by the MITM to look the same at first, but carry some injected Javascript such that, a few minutes after it detects you've unfocused the page, it turns itself into a Gmail phishing site[1].

[1] http://www.azarask.in/blog/post/a-new-type-of-phishing-attac...

All that that attack requires, to be successful, is the ability for pages served over HTTP to run Javascript and submit forms.