Comment 44 for bug 44335

The trouble is, that the current package deliberately transmits passwords in clear text - so I wouldn't worry too much about reputation. In it's current state this piece of software is a potential security risk, as users are encouraged to transmit passwords in cleartext - in these days, support for cleartext should be disabled and not vis versa.

I never understood debian's political issues about certain stuff - like this one, hunderts of debian packages have no trouble linking against a next-to core library, but one maintainer thinks the world turns around him and has to interpret some licensing other way round.... last but not least it might be a french and IIRC does the french gov disapprove of encryption anyway.
"France is the only Western European country which does not allow a free use of encryption on its territory." - but it's just a wild guess.

IMHO it's rather simple, as ubuntu != debian, and the licensing issues are no issues, so let's compile the software with ssl support.

GnuTLS Support would be in this case not needed, but it does not hurt to have it, does it? My abilities a rather limited to "./configure; make; make install" - so if some brave soul could give AZ a hand, he would be grateful - last but not least, ubuntu might even give it to upstream, which might be even appreciated and once debian would fetch the gnuTLS-patched version, they might even considering....

just my 2c
Philipp