As an end user, what are the risks associated with browsing a public website using TLSv1?

Is it safe for an end user to browse a Web site that only supports TLSv1 (or other unsecured encryptions or protocols), in the following cases:

  • it is a publicly accessible website without sensitive or private data
  • it does not require connection, login, or other user data.

So, for all intents and purposes, let's assume that the website is meant to be a http: // site, but has an SSL certificate that is obsolete by modern security standards.

And by safe, I mean that they're not open to a type of exploit, other than MITM of course. By exploit here, I mean that there is no way to use a bad SSL certificate to install malware on their computer, right?