just imagine.. after hard weeks of SharePoint development you configure your anonymous authentication provider to publish your web app anonymously to the internet. After you first browse your site, it wants to install an active x component named "name.dll". this component is loaded by core.js. The component then tries to fetch the availability information of Microsoft Office Communicator. I don't think your anonymous users will use this functionality. ;-)
Let's have a look at the problem:
In case of performance optimization you should never load core.js in anonymous WCM scenarios. SharePoint also tries to load other unnecessary stuff.
A nice way to avoid this is the MossCleanup HTTP Filter. Information on how to implement this: http://www.ie-soft.de/blog/PermaLink,guid,968b0588-f306-467b-be51-54f7a8f2079d.aspx
<!-- Avoid calling name.dll ActiveX -->