> However, everyone seems to agree that it would be unambiguously better
> if the cabal install executable were able to communicate over ssl.
Yeah.
Strongly +1'd. Following this track, if cabal's http handling is going to be abstract enough to be able to shell out to curl, there's no reason not to add an optional dependency on http-client (either haskell-tls or openssl) or http-streams, guarded by a flag.