With the depreciation of old protocols (i.e. DH keys < 2048, 3DES) it is now expected to fail certain Handshake Simulations, including:
- IE 6 / XP
- IE 8 / XP
- Java 6
Additionally TLSv1.0 is due to be switched off soon (e.g. to comply with PCI compliance mandate changes) which will make this problem worse. I already see this for those sites brave enough to switch of TLSv1.0 and TLSv1.1 (e.g. SSL Server Test: www.tfl.gov.uk (Powered by Qualys SSL Labs) ).
While I agree it is still useful for most (all?) of these Handshake Simulations to show in the testing tool, as they are (unfortunately!) still in reasonably popular use, I think the red colouring incorrect suggests a problem - rather than good config. Now it's probably not quite right to label these "green", but think you should consider changing them to a neutral black colour. At least for the 3 simulations I have suggested above, with perhaps the addition of the TLSv1.0-only clients at a future date.