We've developed an application that has lots of older clients connecting to place secure orders. Some of our customers are now receiving failing PCI from TrustWave saying that TLS 1.0 is no longer PCI compliant. This doesn't seem to me to be an acceptable solution at this point. If I turn off TLS 1.0 I feel like I'm going to cause major headaches for my customers. I'm just curious what others are doing or think about this.