Hi,

whilst investigating another bug, I noticed that
https://lists.gnu.org/ is still using TLS1.0, which is seriously
deprecated. I propose the following patch to make emacs not use TLS1.0
anymore unless explicitly requested (and someone should update the
settings on lists.gnu.org).

Perhaps this warrants a NEWS entry as well, let me know.

Regards

Robert