ClientHello extension permutation
Chrome and NSS have begun randomizing the order of TLS extensions in the ClientHello (except the pre_shared_key extension) to make fingerprinting harder. This blog post explains the scheme nicely. Would be nice for GnuTLS to do the same.