TLS 1.2 and PFS on 10.2.4

And with COMPAT added it adds all the other stuff that isn't needed: g tmm --clientcipher 'COMPAT:EDH:!SSLv3:!DES:@STRENGTH' ID SUITE BITS PROT METHOD CIPHER MAC KEYX 0: 58 ADH-AES256-SHA 256 TLS1 Compat AES SHA ADH 1: 58 ADH-AES256-SHA 256 TLS1.2 Compat AES SHA ADH 2: 58 ADH-AES256-SHA 256 DTLS1 Compat AES SHA ADH 3: 57 DHE-RSA-AES256-SHA 256 TLS1 Compat AES SHA EDH/RSA 4: 57 DHE-RSA-AES256-SHA 256 TLS1.2 Compat AES SHA EDH/RSA 5: 57 DHE-RSA-AES256-SHA 256 DTLS1 Compat AES SHA EDH/RSA 6: 27 ADH-DES-CBC3-SHA 192 TLS1 Compat DES SHA ADH 7: 27 ADH-DES-CBC3-SHA 192 TLS1.2 Compat DES SHA ADH 8: 27 ADH-DES-CBC3-SHA 192 DTLS1 Compat DES SHA ADH 9: 22 DHE-RSA-DES-CBC3-SHA 192 TLS1 Compat DES SHA EDH/RSA 10: 22 DHE-RSA-DES-CBC3-SHA 192 TLS1.2 Compat DES SHA EDH/RSA 11: 22 DHE-RSA-DES-CBC3-SHA 192 DTLS1 Compat DES SHA EDH/RSA 12: 0 DES-CBC3-MD5 192 SSL2 Compat DES MD5 RSA 13: 24 ADH-RC4-MD5 128 TLS1 Compat RC4 MD5 ADH 14: 24 ADH-RC4-MD5 128 TLS1.2 Compat RC4 MD5 ADH 15: 52 ADH-AES128-SHA 128 TLS1 Compat AES SHA ADH 16: 52 ADH-AES128-SHA 128 TLS1.2 Compat AES SHA ADH 17: 52 ADH-AES128-SHA 128 DTLS1 Compat AES SHA ADH 18: 51 DHE-RSA-AES128-SHA 128 TLS1 Compat AES SHA EDH/RSA 19: 51 DHE-RSA-AES128-SHA 128 TLS1.2 Compat AES SHA EDH/RSA 20: 51 DHE-RSA-AES128-SHA 128 DTLS1 Compat AES SHA EDH/RSA 21: 0 RC4-MD5 128 SSL2 Compat RC4 MD5 RSA 22: 0 RC2-CBC-MD5 128 SSL2 Compat RC2 MD5 RSA 23: 0 RC4-64-MD5 64 SSL2 Compat RC4 MD5 RSA 24: 97 EXP1024-RC2-CBC-MD5 56 TLS1 Compat RC2 MD5 RSA 25: 97 EXP1024-RC2-CBC-MD5 56 TLS1.2 Compat RC2 MD5 RSA 26: 97 EXP1024-RC2-CBC-MD5 56 DTLS1 Compat RC2 MD5 RSA 27: 6 EXP-RC2-CBC-MD5 40 TLS1 Compat RC2 MD5 RSA 28: 6 EXP-RC2-CBC-MD5 40 TLS1.2 Compat RC2 MD5 RSA 29: 6 EXP-RC2-CBC-MD5 40 DTLS1 Compat RC2 MD5 RSA 30: 23 EXP-ADH-RC4-MD5 40 TLS1 Compat RC4 MD5 ADH 31: 23 EXP-ADH-RC4-MD5 40 TLS1.2 Compat RC4 MD5 ADH 32: 0 EXP-RC4-MD5 40 SSL2 Compat RC4 MD5 RSA 33: 0 EXP-RC2-CBC-MD5 40 SSL2 Compat RC2 MD5 RSA