Do an crypto algorithm audit and remove obsolete / insecure crypto algorithms
This is like a general and recurring issue. For each release we should review the used crypto algorithms and remove/deprecate the insecure and obsolete algorithms (RSAMD5 was a fine example)? Perhaps also change the recommended and default algorithms.