RFC: disable TLS < 1.2
Debian disabled TLS < 1.2 in Buster, followed by other distros. I suggest to disable TLS < 1.2 by default for OpenSSL/GnuTLS/NSS in the next release.
To upload designs, you'll need to enable LFS and have admin enable hashed storage. More information