web/installer: Use modern TLS

[jrchamp]

The allowed cipher list would benefit from some updates:

getcomposer.org/web/installer

Lines 1367 to 1409 in 4aac8c7

	$ciphers = implode(':', array(
	'ECDHE-RSA-AES128-GCM-SHA256',
	'ECDHE-ECDSA-AES128-GCM-SHA256',
	'ECDHE-RSA-AES256-GCM-SHA384',
	'ECDHE-ECDSA-AES256-GCM-SHA384',
	'DHE-RSA-AES128-GCM-SHA256',
	'DHE-DSS-AES128-GCM-SHA256',
	'kEDH+AESGCM',
	'ECDHE-RSA-AES128-SHA256',
	'ECDHE-ECDSA-AES128-SHA256',
	'ECDHE-RSA-AES128-SHA',
	'ECDHE-ECDSA-AES128-SHA',
	'ECDHE-RSA-AES256-SHA384',
	'ECDHE-ECDSA-AES256-SHA384',
	'ECDHE-RSA-AES256-SHA',
	'ECDHE-ECDSA-AES256-SHA',
	'DHE-RSA-AES128-SHA256',
	'DHE-RSA-AES128-SHA',
	'DHE-DSS-AES128-SHA256',
	'DHE-RSA-AES256-SHA256',
	'DHE-DSS-AES256-SHA',
	'DHE-RSA-AES256-SHA',
	'AES128-GCM-SHA256',
	'AES256-GCM-SHA384',
	'AES128-SHA256',
	'AES256-SHA256',
	'AES128-SHA',
	'AES256-SHA',
	'AES',
	'CAMELLIA',
	'DES-CBC3-SHA',
	'!aNULL',
	'!eNULL',
	'!EXPORT',
	'!DES',
	'!RC4',
	'!MD5',
	'!PSK',
	'!aECDH',
	'!EDH-DSS-DES-CBC3-SHA',
	'!EDH-RSA-DES-CBC3-SHA',
	'!KRB5-DES-CBC3-SHA',
	));

Mozilla has a very good reference for this: https://wiki.mozilla.org/Security/Server_Side_TLS

If you come to do make changes, please also address the duplicate list in https://github.com/composer/composer/blob/346356a4dd62967f1b4df6a91a562a1cb9078cfc/src/Composer/Util/StreamContextFactory.php#L136

[Seldaek]

Yeah IMO this isn't super critical as the installer only talks to getcomposer.org which is reasonably configured AFAIK, and prefers server ciphers.

On the Composer side, Composer 2 prefers curl anyway so it's not so relevant there either, but sure would be good to clean up the list a little, it is old for sure.