Following through with this suggestion:
Begin a http session from the box on my 'trusted' net, to a box on the untrusted net:
172.20.43.169 internal host.
172.20.43.1 reth1.0 trusted zone
xx.yy.zz.253 reth0.0 untrust zone
zz.yy.zz.254 external host, default gateway for SRX
{primary:node0} root@SEASRX01_0> show security flow session source-prefix 172.20.43.169 destination-prefix xx.yy.zz.254
node0: --------------------------------------------------------------------------
Session ID: 78807, Policy name: trust-to-untrust/4, State: Active, Timeout: 16, Valid In: 172.20.43.169/56293 --> xx.yy.zz.254/80;tcp, If: reth1.0, Pkts: 4, Bytes: 256 Out: xx.yy.zz.254/80 --> xx.yy.zz.253/40383;tcp, If: reth0.0, Pkts: 0, Bytes: 0 Total sessions: 1
node1: --------------------------------------------------------------------------
Session ID: 69291, Policy name: trust-to-untrust/4, State: Backup, Timeout: 14404, Valid In: 172.20.43.169/56293 --> xx.yy.zz.254/80;tcp, If: reth1.0, Pkts: 0, Bytes: 0 Out: 67.152.33.254/80 --> xx.yy.zz.253/40383;tcp, If: reth0.0, Pkts: 0, Bytes: 0 Total sessions: 1
so it doesn't appear as if anything is actually being returned ??? However, I see the return being generated on my external host (xx.yy.zz.254)