backport 1600437 : Disable CBC-mode ECDSA ciphers and stop advertising ECDSA+SHA1
following on from #40183 (closed)
IDK if this makes any difference really, but it's more than just pref flips. And we could drop the two prefs added in !433 (merged)
these two
pref("security.ssl3.ecdhe_ecdsa_aes_256_sha", false, locked);
pref("security.ssl3.ecdhe_ecdsa_aes_128_sha", false, locked);