IE7 still lacks in encryption
In defense of IE6, it came out long before 256 bit certs became the norm, and very few feature enhancements were ever incorporated. However, IE7 is a different story. FireFox has supported them for quite some time, and IE7 is brand spanking new, but it still doesn't support 256 bit encryption.
Now I'm not saying that breaking 128 bit is so common that this is a HUGE security problem. But when something to make communications over a public network more secure is available, why wouldn't a software company choose to support those features?
Well, the answer found on the MSDN blog is that the dll they use for cryptography is part of the OS, so Vista will have the fix. Of course, IE3 and IE4 used their own cryptographic dll's, so they're just being lazy in my opinion by not making IE7 support 256 bit.