Choosing the correct SSL cipher can be very difficult. Having the best encryption, still fast, having a “Modern compatibility”.
The current best solustion is with all browsers to have 256 bit encryption ( Chrome is currently the only browser that uses only 128 bit with this config).
— Edit —
Chrome might barf about a not modern config, hoever the encryption is not 256 in all cases. That is why I switched back to