Hi Damjan,
OpenSSL seems like a bad idea. It has poor binary compatibility and problematic FIPS 140 certification, and Fedora is dropping it in favour of NSS: http://fedoraproject.org/wiki/FedoraCryptoConsolidation http://fedoraproject.org/wiki/CryptoConsolidationEval
Maybe, but OpenSSL is a requirement for wininet and winhttp right now. For Fedora's proposed crypto consolidation, they're also proposing building a compatibility layer for OpenSSL on top of NSS, so it's possible that Wine's uses of OpenSSL could use these, too. But this is essentially hypothetical.
As Henri noted, wininet and winhttp should be layered on top of schannel. This is a requirement to fix a couple of bugs in at least wininet (though I'm less sure about winhttp). It has the added advantage of consolidating an SSL implementation in Wine into one place. Then, if platform-dependent SSL libraries are required, either to support Fedora and other Linux distributions that have divided opinions about SSL implementations, or to use Mac's Secure Transport libraries on that platform, they would only have to be done in one place.
OpenSSL isn't part of the LSB (while NSS is), so if we ever want to make a Wine LSB package, it might be a good idea to get OpenSSL out of Wine entirely. See also the August 2008 wine-devel thread about this: http://www.winehq.org/pipermail/wine-devel/2008-August/068575.html
Since that thread, where I stated that new code based on OpenSSL wasn't likely to get accepted, an OpenSSL dependency was added to winhttp. Apparently I was mistaken.
Thanks, --Juan