[warp]

Does anyone have any idea what kind of clients would require SSL3 to stay enabled? Old android phones and/or Windows XP perhaps?

[cesarb]

Quoting myself (https://news.ycombinator.com/item?id=8453718):

"For clients, a quick look at https://www.ssllabs.com/ssltest/clients.html shows that even older clients (Android 2.3, Java 6, the oldest supported version of IE, etc) support TLS 1.0, so there should be no issues disabling SSLv3 on servers too."

[wiredfool]

IE6/XP According to Qualsys.

[ck2]

IE6 on XP can actually use TLS, it is just not enabled by default.

But IE8 is readily available on XP so who would use IE6

[wiredfool]

I think it's probably safe to say that anyone who's using IE6 is either not one who cannot change the defaults (by policy or by skill) or their machine is already malware infested.