I remembered why I never documented the SSL options. Because they are badly named, accept weird values, and I wanted to fix them. I felt (and still feel) that documenting them would make them "official" and force us to keep supporting them forever.
Here is the list, extracted from `wget --help': --sslcertfile=FILE optional client certificate. --sslcertkey=KEYFILE optional keyfile for this certificate. --sslcadir=DIR dir where hash list of CA's are stored. --sslcafile=FILE file with bundle of CA's --sslcerttype=0/1 Client-Cert type 0=PEM (default) / 1=ASN1 (DER) --sslcheckcert=0/1 Check the server cert agenst given CA --sslprotocol=0-3 choose SSL protocol; 0=automatic, 1=SSLv2 2=SSLv3 3=TLSv1 --egd-file=FILE file name of the EGD socket. The names are unreadable because they don't include the usual separator between words. They also contain weird acronyms and abbreviations, such as "CA" or "cert", making them even harder to read. Finally, the values they force upon the user are unbelievably cryptic. How hard would it have been to support something like --sslprotocol=sslv2 or --sslcerttype=pem... but no, it was easier to call atoi. The question is what should we do for 1.10? Document the unreadable names and cryptic values, and have to support them until eternity? Leave them undocumented and fix (and document) them for the next release? Fix them for this release (and break the freeze), and document them? Does anyone ever use them anyway?