A few weeks ago I realized our websites accidentally disabled post-quantum key exchange because our haproxy had an old version of the modern ssl-config.mozilla.org config. Imagine how long it will take for everyone to realize this and fix their configs. This is not a scalable way of doing things...
add a skeleton here at some point
23 days ago