yes, i know, but accoring to the blogpost below it should be no problem for newser browsers when using tls 1.2, but might e usefull to keep compatibility with very legacy clients, no? disclaimer: i'm not a crypto-guru, the ciphers used are copypasta'd from https://www.ssllabs.com/projects/best-practices/.

https://community.qualys.com/blogs/securitylabs/2013/03/19/r...