Add connections_encrypted ACL

Add connections_encrypted ACL

The new connections_encrypted ACL matches transactions where all HTTP
messages were received over TLS transport connections, including messages
received from ICAP servers.

Some ICAP/eCAP services receive data from unencrypted sources. Some ICAP/eCAP
services are "secure". By default we assume that all eCAP services and all
ICAP services on TLS transport connections  are "secure" unless the user
uses the "connection_encryption" option in service configuration line.

This is a Measurement Factory project.