Over time we've updated the SSL configuration we use for serving HTTPS as the security landscape has changed. In the past we've documented those changes in blog posts; to make things simpler to track, and so that people can stay up to date on the configuration we've chosen, I've created a GitHub repository called sslconfig. I've recreated the history of our SSL configuration from an internal repository, and going forward we'll synchronize this repo with the configuration we are using.
Not long ago we modified OpenSSL to prevent the use of RC4 for TLS 1.1 and above and introduced ECDSA, and we continue to examine the right set of ciphers to use so that our customers are as secure as possible (such as using Perfect Forward Secrecy).
PS: As with any of our open source efforts, comments, criticisms and pull requests are most welcome.