Another interesting change in IE8 - images in frames do not show up in the parent page is HTTPS and the inner frame is trying to display images from a url using HTTP.
I'm torn on this point. First it's better security to enforce a whole page to be completely https. On the other hand do you know how many web sites are going to be completely non-functional by enforcing this? Additionally this is not the functionality provided by other browsers. I think people will just switch over to a browswer that works in this case.
What are the implications of displaying an image from an http url vs an https url on an https encrypted site? It's just an image, not a page with functionality right? However sometimes images can be used to create hacks (search on hack + gif, etc. in Google).
I'm not so sure about this but will just have to make it work somehow in case it doesn't change I guess.