Most advertisers are aware of how this will impact them, and are making preparations. The biggest change they are making and requiring from their partners is the ability to only return secure (https) assets and markup code when they receive a secure request.
Most publishers appear unaware of the coming changes though. They will most likely have to play catch up once they notice a drop in revenue. How much of an impact in revenue they incur depends on their ad server and whether they have a mobile site or app.
Publishers that have a strong relationship with their advertisers or Mediation platform are likely being told about the upcoming change and informed how to prepare for it. These are the pubs that will most likely notice the smallest impact from the change.
Aside from the immediate impact, another question is how this will impact the other platforms. Will Android and other non-iOS platforms soon follow and require all ad requests, assets and markup code be secure? It seems likely that they will make this same change particularly since Google ADX has already gone secure.
Security is becoming a requirement in mobile rather than just a nice to have, and it is a natural next step that all platforms would require that all requests and assets be secure.
So besides the short term changes publishers and advertisers must make to support iOS 9, they should also prepare for these changes to become permanent. Whether you are happy or frustrated with these changes, you need to get on board with them because they are unlikely to change and will most likely become standard for all mobile platforms.