Safari does not work with new Warp TLS #429
Probably we should add 3DES.
I'm opposed to adding 3DES, that's a clear regression in terms of security. I don't think it's worth it to support 3DES by default, at least.
The quick fix seems to be to do as @kazu-yamamoto suggested and remove SHA384 and SHA512 based ciphers. SHA256 is not considered insecure by anyone, so this isn't a security issue. (It's not like we'd be removing support for all SHA-2 based ciphers, just two problematic ones.)
I hope an issue has been filed with Apple re: SHA384 and SHA512?