Adjust cipher and signature algorithm preference list for hardware

[markafoltz]

We added a list of recommended ciphers and signature algorithms for TLS 1.3 from PR #206. But we should find a benchmark referencing the hardware requirements to prioritize the list and determine the mandatory ciphers/algorithms.

[markafoltz]

From https://www.w3.org/2019/09/15-webscreens-minutes.html#x06:

ACTION: mfoltzgoogle to fill in benchmark for ciphers.

ACTION: mfoltzgoogle to fill in benchmark for signature algorithms. Also check for signature and verification. ECDSA is usually faster for signature, but slower to verify.

[markafoltz]

For ciphers, there is basically nothing to do here. The required ciphers for TLS 1.3 cover both newer and older hardware:

• For anything with ARMv8 and newer (i.e. anything since ~2016, basically) hardware accelerated AES is going to be best. TLS 1.3 makes AES-128 and AES-256 mandatory to implement.
• For anything older ChaCha20 is going to be faster and is also mandatory to implement for TLS 1.3.

https://www.rfc-editor.org/rfc/rfc8446.html#page-102

For key signing and signature verification in TLS, there are some tradeoffs between the mandatory to implement algorithms (which include ecdsa_secp256r1_sha256). However signing and verification happen less often than use of the ciphers; only when creating new certificates, or executing a TLS handshake.

Since we are already requiring ECDSA for the agent certificate, it would make sense to just say the certificate's signing algorithm must be ecdsa_secp256r1_sha256 which would be compatible with every TLS implementation.

[markafoltz]

Point of reference: Comparison of TLS implementations

[markafoltz]

This will be addressed when PR #297 lands.