Brainstorming issue for changes planned for v5 of the guidelines. A few things should be discussed:

1. Removing 3DES from the intermediate level. Data shows that TLSv1 DES-CBC3-SHA represents 2.8% of traffic on mozilla.org, a site designed to receive old traffic. I think we can start moving this forward.

2. Removing DHE from the intermediate level, and keeping only one non-PFS ciphersuite: AES128-SHA.

3. Removing RSA from the modern guidelines. ECDSA should be the norm and enough clients support it: Firefox 27, Chrome 30, Edge 12, IE 11, Safari 5, Opera 17, Android 4.4.2, OpenSSL 1.0.1h and Java 8b132

4. Adding X25519 to TLS curves on all levels. Maybe next year we'll have some certificate support 🙏

5. Removing secp521r1 from all TLS curves and certificates. It's never used and there's some concern about its security.

6. Requiring the use of certificate authorities that issue CT logs, on all levels. This is new, the phrasing needs work, as do the testing tools, but it's an important requirement that I think we should add.

7. I'm wondering if we should require short lived certs and key rotation. 90 days max for modern level, 2 years for intermediate. This is going to annoy people, but the security benefit is there to support it.

Anything else I forgot?