a recent bug report suggests that Iceweasel should choose a better
cipher for certificate by default. Details below.
> When browsing to a website such as https://www.twitter.com and viewing
> the certificate/connection details,the default certificate suite
> presented doesn't choose better ciphers by default.
> It should choose aes-128 or aes-256 with dhe by default.