Forum Discussion
May I ask why you're thinking about disabling TLS1.0 at this point? Is it your self-initiative, or is there an applicable regulation pushing you?
The point in PCI DSS 3.1 which says that TLS1.0 must not be supported is still valid, but the enforcement of the ruling was postponed by 2 years. This means the new deadline for disabling TLS1.0 is 2018 June 30 (this applies to all existing services).
Source: http://blog.pcisecuritystandards.org/migrating-from-ssl-and-early-tls
I'd say go for it, if you feel like doing so. Just keep in mind that there will be considerable impact, mainly due to IE10 users (IE10 does not support TLS1.1/1.2 in its default configuration). There are also those who use IE8 and IE9 these days. You may estimate that disabling TLS1.0 today will cut off about 1.2% of the customer base, out of which 0.7% are legacy IE users and another 0.5% use another obsolete web browser. (Source: http://www.w3schools.com/browsers/browsers_explorer.asp)
Tip: If you want a decent level of security, and to cut off as little of the customer base as possible, the best tip is to not be more restrictive than large retail banks :). None of the biggest 4 have disabled TLS1.0 at this point.
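One way to measure the impact on your own traffic before disabling TLS1.0, as an added example that is not part of the original post. It assumes an nginx access log written with a hypothetical `log_format` of `$remote_addr $ssl_protocol "$http_user_agent"`; the sample lines are constructed.

```python
import re
from collections import Counter

# Constructed sample lines. Assumed nginx log_format (hypothetical):
#   '$remote_addr $ssl_protocol "$http_user_agent"'
SAMPLE_LOG = """\
198.51.100.7 TLSv1.2 "Mozilla/5.0 (Windows NT 10.0; Win64; x64) Chrome/49.0 Safari/537.36"
198.51.100.7 TLSv1.2 "Mozilla/5.0 (Windows NT 10.0; Win64; x64) Chrome/49.0 Safari/537.36"
203.0.113.21 TLSv1 "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)"
203.0.113.40 TLSv1 "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)"
192.0.2.15 TLSv1.1 "Mozilla/5.0 (Linux; Android 4.4.2) AppleWebKit/537.36"
192.0.2.99 TLSv1 "Mozilla/5.0 (Linux; U; Android 2.3.6) AppleWebKit/533.1"
192.0.2.200 - "curl/7.47.0"
malformed line without fields
"""

LINE_RE = re.compile(r'^(\S+) (\S+) "([^"]*)"$')
LEGACY_IE_RE = re.compile(r'MSIE (?:8|9|10)\.0')


def tls10_impact(log_text):
    """Return (distinct TLS clients, Counter of clients seen only on TLS 1.0)."""
    seen = {}  # (ip, user agent) -> set of negotiated protocols
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip lines that do not fit the assumed format
        ip, proto, ua = m.groups()
        if not proto.startswith("TLSv"):
            continue  # "-" is logged for plain HTTP requests
        seen.setdefault((ip, ua), set()).add(proto)
    groups = Counter()
    for (_ip, ua), protos in seen.items():
        # A client that also negotiated TLS 1.1/1.2 would survive the change.
        if protos == {"TLSv1"}:
            groups["legacy IE" if LEGACY_IE_RE.search(ua) else "other"] += 1
    return len(seen), groups


def cutoff_percent(log_text):
    """Share of distinct TLS clients that only ever negotiated TLS 1.0."""
    total, groups = tls10_impact(log_text)
    return round(100.0 * sum(groups.values()) / total, 1) if total else 0.0


if __name__ == "__main__":
    print(tls10_impact(SAMPLE_LOG), cutoff_percent(SAMPLE_LOG))
```

Counting distinct (address, user agent) pairs rather than requests keeps one busy client from skewing the percentage; addresses behind NAT still merge, so treat the result as an estimate.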