A lot has, unfortunately, changed since 2006. It might be a good startingpoint. But also actively starting from the point of "let's try to support multiple libraries" rather than "let's try to support gnutls" is probably also important.
I am interested in dropping the dependency on OpenSSL, if only to fix the situation with Debian, libreadline and OpenSSL[1].
That's one of the many reasons, yes :)
At some point we should design a new API, so that we can deprecate the old one. Even if we don't hve the code ready, we need to get rid of PQgetssl(), and replace it with something else. I'm thinking probably a functoin that returns both a void pointer and an enum that tells you which library is actually in use. And a boolean just saying "ssl on/off", because that's what a lot of clients are interested in and they don't care aobut more than that.
Obviously, we also have to do something about PQinitOpenSSL().
Unfortunately, I think it's too late to do that for 9.4 - otherwise it would've been good to have a whole cycle of deprecation on it...