Most interesting thing I learned at Stuart Cheshire's talk last week: TCP retransmits due to congestion don't waste any bandwidth or cause any reduction in net throughput.
So if you use ECN (a thingy that lets the congested router tag your packets, rather than dropping them, to indicate you should slow down), you don't increase throughput at all.
What?! Crazy, right? But it makes perfect sense when you think about it: the congested link didn't have enough room for your packet, which is why they had to drop it. You have to retransmit another one, but the "retransmit" isn't the second time the packet was sent: it's really the first time. After all, last time around, it was never sent!
Every connection from A to B only has one bottleneck link; all the other ones, by definition, have some leftover space. So the fact that you sent the packets twice over some of those links is irrelevant, because they had room to spare anyhow.
As Stuart said, "throughput is the ultimate perishable resource. Use it now, or it's gone forever." TCP retransmits only use up throughput that otherwise would have been for naught(*).
He then went on to show how iperf absolutely won't show any measurable improvement from ECN for this reason. However, there is more to the world than iperf, and ECN actually does help latency, just not throughput.
(*) When packets are dropped for non-congestion reasons, such as device drivers with stupid bugs (whee!), then retransmits are wasteful and this logic does not apply.
ssh+2FA to all your machines, anywhere, without opening firewall ports.