No doubt the NSA has cracked HTTPS, and want to make sure foreign intel agencies with less advanced IT expertise don’t get free access to the keyword search stream without spending the money/resources to crack HTTPS on their own dime.
HTTPS/TLS is not one cipher. Depending on how your browser and the server are configured, you may use 128 or 256 bit AES encryption, or 168 bit triple-DES.
However, if you can obtain the private key for the SSL certificate (by legal or illegal means), you may be able to decode all of the encrypted data. The question is whether you can capture the key.
When you connect to a secure website, you go through a key exchange, and then that symmetric key is used to encrypt the connection. Periodically, the connection resyncs and negotiates a new symmetric key.
So, you have to be able to capture that symmetric key that is exchanged. Even with the private key for the SSL certificate, that's not guaranteed. There is no known man-in-the-middle attack for certain types of key exchanges. But, without the technical knowledge to choose them, you really don't know which key exchange and cipher your browser and the server will negotiate.