
Support GET requests for https URLs for certain upstream proxies

Same feature as below but for ACNG communication to another upstream proxy.

I think the issue isn't certificate validation, it's that https proxy requests are made via CONNECT rather than GET. You could theoretically rewrite the proxy mechanism to MITM the CONNECT, but that wouldn't be a drop-in replacement. I suppose you could instead add an apt option to pass the https request to the proxy via GET instead of using CONNECT, but I think

Precisely. Current handling of HTTPS on a caching proxy is impossible or PITA for the user, as long as such mixed behavior is not configurable.

As of now, apt-cacher-ng works around that by telling users to disguise https URLs as HTTP with a special marker for protocol switch (ugly, I know).

Also keep in mind that it off-loads the encryption work to the proxy, but that might be intentional.

that also won't necessarily work on an existing proxy.

Actually I assumed ACNG would support that but I was wrong. TODO created, #11

If we're imagining apt options, something like Acquire::https::Force-Proxy-HTTP true; would probably be more useful for this specific case (not that I think it's a great idea--too much potential for surprise).

I would make it a list of trusted proxy hosts and a special value ALL.
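The two request forms discussed in this thread, with the proposed trusted-proxy list and its ALL value deciding between them, as an added sketch that is not apt or apt-cacher-ng code. The names `proxy_request` and `TRUST_ALL` and the host names are hypothetical.

```python
from urllib.parse import urlsplit

TRUST_ALL = "ALL"  # special list value proposed in the thread (hypothetical name)

def proxy_request(url, proxy_host, trusted_proxies):
    """Return (mode, request_bytes) for fetching url through proxy_host.

    "tunnel":   CONNECT. TLS stays end-to-end between client and origin;
                the proxy sees only host:port and cannot cache anything.
    "delegate": absolute-form GET for an https URL. The proxy opens the TLS
                connection, so it sees and can cache the content, and the
                client no longer validates the origin certificate itself.
    "plain":    ordinary absolute-form GET for an http URL.
    """
    # Refuse whitespace and control characters so a crafted URL cannot
    # smuggle extra header lines into the request sent to the proxy.
    if any(ord(c) <= 0x20 or ord(c) == 0x7F for c in url):
        raise ValueError("control or whitespace character in URL")
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        raise ValueError("unsupported URL: %r" % url)

    host = parts.hostname
    default_port = 443 if parts.scheme == "https" else 80
    port = parts.port or default_port
    authority = host if port == default_port else "%s:%d" % (host, port)
    target = "%s://%s%s" % (parts.scheme, authority, parts.path or "/")
    if parts.query:
        target += "?" + parts.query

    trusted = {p.lower() for p in trusted_proxies if p != TRUST_ALL}
    delegate_ok = TRUST_ALL in trusted_proxies or proxy_host.lower() in trusted

    if parts.scheme == "http":
        mode, line, host_hdr = "plain", "GET %s HTTP/1.1" % target, authority
    elif delegate_ok:
        # Only proxies named in the list are handed the https URL via GET.
        mode, line, host_hdr = "delegate", "GET %s HTTP/1.1" % target, authority
    else:
        # Default: opaque tunnel, the proxy never sees the request.
        hostport = "%s:%d" % (host, port)
        mode, line, host_hdr = "tunnel", "CONNECT %s HTTP/1.1" % hostport, hostport
    return mode, ("%s\r\nHost: %s\r\n\r\n" % (line, host_hdr)).encode("ascii")

if __name__ == "__main__":
    url = "https://deb.example.org/dists/stable/InRelease"  # constructed sample
    for trusted in ([], ["cache.lan"], [TRUST_ALL]):
        print(trusted, proxy_request(url, "cache.lan", trusted))
```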