There is not much an average end-user can do about their internet connection or available hardware/software.
If you live in Kazakhstan, you'll have all https MitM'ed since 2016-01-01, since the country has to know what blogs people are reading, and the widespread https for public content makes it much more difficult to accomplish without MitM'ing the connection. http://archive.is/http://telecom.kz/en/news/view/18729
Likewise, SHA1 sunset will block millions from encrypted net, Facebook warns.
If my site employs https and TLS, how do I properly enable downgrade support in TLS, to not lose any audience that may be incapable of establishing a truly secure TLS connection?