As a rather low priority suggestion for 3.0.6, allow TLS 1.0 to be selectively disabled if desired.