luci-ssl isn't enabled by default (for the security concious, it really should be, but it's both an issue of size (hard to fit into 4 MB at all) and making it more difficult for the user to deal with self-signed certs - not all browsers do allow ignoring the certificate error). IPv6 can't be disabled for a release build, because toggling the setting has quite significant effects on conditionals in kernel and other packages, but given that all firmwares are created from one kernel/ packages build, you'd have to decide to toggle the setting for all (even the routers that are more than capable) or no one (which would be a bad idea and quite a regression these days, with DS-lite becoming common place).
That is the problem, devices with 4 MB flash/ <=32 RAM are quite limited, yes catered individually for your own needs, you are able to extend their life time by quite a bit, but these tradeoffs are pretty individual. This is nothing you can really solve in the prebuilt (release-) firmware images, once they've fallen off the cliff and no longer fit the 'default' release image.
Edit: a quite 'entertaining' illustration of this could be TP-Link TL-WR841N(D) - LADUS build, which goes back and forth which components are actually needed. While ppp/ PPPoE isn't necessary for cable customers, users with ADSL/ VDSL usually hard-depend on it - at the same time many cable users will need IPv6 functionality (DS-lite), while ADSL/ VDSL users typically still have a real IPv4 address (and either full dual-stack or no IPv6 at all). The same argument goes for pretty much all other (de-)listed features, neither of them is particularly large, all of them can be considered basic functionality for a modern router - but you simply can't fit them all at once.