Package: squid Severity: wishlist Dear Maintainer,
For years the packages have been missing SSL support for client side connections. While this might have been acceptable/tolerable in the past it is a completely outdated view on security. As reverse proxies those packages are completely unusable because you can't seperate today's internet and SSL. As a forward proxy they do have some limited use, but only in situations where you completely trust the connection between client and proxy. This is not the case in almost any situation. Especially with proxies located in public data centers the packages are completely unusable the way they are right now. Adding SSL support can be done fairly easy. One just needs to extend the configuration instructions by one simple parameter (--with-ssl) and add a few tiny packages to the dependencies. With those packages already installed on most systems the changes would be minimal. People not wanting SSL support would not be affected at all und the majority of admins who want SSL support could use your packages again instead of building from source or modifying your build instructions in the source packages after every update. Please consider changing this because at the moment your packages are completely unusable to most of the squid admins. They even hurt security because many admins either don't use SSL where it would be advisable or they start building packets themselves only to leave security holes unpatched when they miss an update later on. Best Regards, Heiko
