As for 3DES, I found a relevant discussion here: https://github.com/golang/go/issues/21144
There, Adam Langley seems to think it’s too early to disable 3DES by default:
I would prefer to disable 3DES by default. That’s simple and clear. However, 3DES is what IE on Windows XP is clinging onto and I suspect there is a constituency of Go users who care about that. At some point the balance will shift and they’ll have to explicitly enable 3DES rather than the other set explicitly disabling it. I don’t know whether 1.10 is the point where that happens.
This applies to configuring servers though. It may make more sense to disable 3DES in a client sooner. If that would break things, there’s clearly a webmaster/admin that has been sleeping. What do you think?