Explicitly disable multi-part ChaCha20 (which was not functioning correctly) and more strictly enforce tag length. This was fixed in nss-3.55 CREATE(Triage):(User=admin) [CVE-2020-12403|https://nvd.nist.gov/vuln/detail/CVE-2020-12403]