This will mean Chrome<70 and Firefox<63 users will no longer be able to view Wikimedia projects.

Also, Safari (desktop) only have complete support for TLS 1.3 since Safari 14, released September 2020.

"able to view Wikimedia projects" means Grade C, not Grade A.

Feel free to move the tag to a more specific subtask.

I think you might need to check your stats based on UserAgent (if that is possible). You might need to check with tool and bot authors which might be using outdated software. This is important because a single connection once a day by some tool might be used by thousands of users.

For example with some effort you can support TLS 1.2 as far back as Java 7. It is not possible to do that with TLS 1.3.

I guess most tools should be fairly easy to update, but probably not effortless.

TLS 1.3 is also available in Safari 12.1 and later. Full support in macOS Mojave and later, and iOS.

https://caniuse.com/tls1-3

However, Safari 12/13 on macOS Sierra and High Sierra are not compatible with TLS 1.3.

Let's give a update to market share:

• Chrome 49: 0.02%
• Chrome 50: 0.01%
• Chrome 53: 0.01%
• Chrome 56: 0.02%
• Chrome 66: 0.02%
• Chrome 69: 0.08%
• Firefox 52: 0.04%
• Firefox 56: 0.01%
• Safari 12.1: 0.01%
• Safari 13.1: 0.06%
• Safari iOS 10.2: 0.01%
• Safari iOS 10.3: 0.04%
• Safari iOS 11.2: 0.16%
• Safari iOS 11.4: 0.01%
• Safari iOS 12.1: 0.01%

These browsers listed (0.50% total) don't support TLS 1.3.

Usually better to use our own stats.

• Edge <= 78: 0.006%
• Chrome <= 53: 0.421%; Chrome 54 - 69: 0.307%
• Firefox <= 50: 0.28%; Firefox 51 - 62: 0.02% (caveat: a chunk of the early versions is traffic that hasn't been able to reach us in a while indicating bots e.g. Firefox <= 20: 0.121%, which still leaves 0.159% on the table)
• IE: 0.391% (similar caveat to Firefox e.g. IE <= 9: 0.185% leaving 0.206%)
• Safari iOS <= 12: 0.159%
• Opera Mini: 0.08%; Opera <= 53: 0.057% (54-56 are at 0%; Opera Mobile 12 at 0%)
• Samsung Internet <= 10: 0.045%

Which my offline calculator puts at 1.488% total unsupported and another 0.309% mixed support (excluding the bots). Including the estimated bots adds another 0.306%. So potentially around 2% of traffic not supporting TLS 1.3. Plus Other and Redacted are in the realm of 0.6% which we don't (other) and can't (redacted) know details of. (I totally ignored all the smaller browsers which looks to be another 0.01% or so in relevant ranges. Yandex 0.004%, Chrome Mobile Webview 0.007%.)

TLS 1.3 is not as big of a issue for Android as with iOS.
Chrome 71 and Firefox 68 (both released 5 years ago) are compatible with Android 4.1 and above. These browsers support TLS 1.3.
Android 4.1 is 12 years old. However, iOS Safari 10-11, which are 7-8 years old, don't support TLS 1.3. Apple only managed to implement TLS 1.3 in iOS Safari 12.2, which is six years old.