Right I've had a bit more time.
live.com does indeed not have SSL - it uses an HTTP 301 redirect. The redirect goes to another non-SSL site, which is a load balanced front end for mail.live.com which is itself an alias of www.live.com.
That site finally pushes the client to login.live.com, another alias, which is HTTPS:
TLSv1 Record Layer: Handshake Protocol: Multiple Handshake Messages
Content Type: Handshake (22)
Version: TLS 1.0 (0x0301)
Probably the amount of redirects confused the tester, it was likely expecting no more than a single redirect via an HTTP 301 to a secure site.