It bugs me that we're still on RSA/4096. Ed25519 has fewer parameters to mess around with (no custom exponent or modulus), keys and signatures are shorter and have a well-defined forman (just binary data) and there's no network byte order confusion.

Meanwhile, ECDSA is so complex to write that most people will get it wrong and end up with a security hole that makes the NSA happy.