This page collects goals for squeeze for the apache2/apr/apr-util/ssl-cert packages and ideas how to implement them. Feel free to comment, but please mark comments as such.
SSL SNI (done)
After 2.2.12 is released and uploaded to unstable. Since MSIE on Windows XP does not support SNI, this will not be made the default until squeeze+1.
Apache 2.4 will be released in the not too distant future, but not in time for squeeze.
Even if 2.4 does not get into squeeze, we should think about and prepare the upgrade path. Maybe move the config files from apache2.2-common into Separate package or at least add some magic that makes is unnecessary to delete apache2.2-common's postrm in apache2.4-common's preinst script.
See Apache2Transition for wheezy.
APR/APR-UTIL 1.3 (done)
Upload to unstable. Bonus points if the symbol files create dependencies on libaprutil1-ldap automatically when apr_ldap_init() is used. The same for dbd.
Tweak apache2 dependencies for new sub packages.
Investigate LDAP support
There were problems during the the last openldap soname bump because aprutil is only a partial wrapper. Probably aprutil should change soname whenever openldap does.
Integrate apache2-mpm-itk (done)
We need to get rid of the source package. Preferably by using a new source package format for apache2 with several tarballs.
Switch to source format 3.0
This will make it easier to include additional/fixed icons.
Inteface with other packages
Define what webapps and module packages should do in postinst/prerm. Where they should put their config files. There was a draft webapps policy somewhere.
Allow to run several instances of apache
This needs tweaks to the init script (see wishlist bug), testing, and documentation.
- remove 2.0 to 2.2 upgrade logic
Enable hardening for apache2. -fpie is not enabled yet becaulse gdb lacks support.
Be less of a support headache for upstream. Maybe create a debian-server-users mailing list? See http://lists.debian.org/debian-apache/2007/01/msg00016.html