I'll describe my problem and solution in case some others are having the same problem with YAHOO.ext.EventManager.ieDeferSrc and YAHOO.ext.SSL_SECURE_URL.
In EventManger.js (0.40.0 and maybe earlier?) there's this line:
document.write('<s'+'cript id="ie-deferred-loader" defer="defer" src="' +
(YAHOO.ext.EventManager.ieDeferSrc || YAHOO.ext.SSL_SECURE_URL) + '"></s'+'cript>');
To avoid that warning, I set YAHOO.ext.SSL_SECURE_URL to the URL of clear pixel gif. If I don't also set YAHOO.ext.EventManager.ieDeferSrc to something else, IE tries to load and execute the gif as a script (Thanks, Microsoft!) which results in another error.
So either the documentation should warn about changing YAHOO.ext.SSL_SECURE_URL or ieDeferSrc should have it's own default. The later seems better to me.
After loading yui-ext-core, this is what I do to avoid all errors:
defer.js is a single line: 'false;'