Browsers try their best to protect users from the evils of the internet, but some times their eager kills good use cases all the same. The “mixed content warning” that IE and Firefox throws when you reference a non-SSL asset from an SSL page is one of those cases.
The problem is that browsers don’t like caching SSL content. So when you have an image or a style sheet on SSL, it’ll generally only be kept in memory and may even be scrubbed from there if the user is low on RAM (though you can kinda get around that).
Now I understand why SSL content is not kept on a disk cache. You don’t want the financial-results-2008.png lying around on a public computer that you thought was safe to use because of SSL.
This is why it would be ever so wonderful if you could refer to a non-SSL asset from an SSL page. That way you could say “this stuff is private, don’t share it” when serving over SSL and at the same time take advantage of HTTP caching for things that pose no security risk, like drag_handle.gif.
Only Safari stands out as the hero with no mention of “mixed content warning”. So please, IE and Firefox, can you learn from Safari and kill it too? Then we wouldn’t have to adjust our asset rules depending on the user agent and everyone would be able to enjoy the extra speed of properly caching assets.