Update - The rolling brownouts have been upgraded to a blackout, TLSv1.0 and TLSv1.1 will be rejected with a HTTP 403 at all times.
Apr 8, 15:49 UTC

Update - We have increased the rolling brownouts to the first 20 minutes of every hour, plus the first 20 minutes after each half-hour (:00-:20 and :30-:50).
Apr 6, 11:43 UTC

Update - We have increased the rolling brownouts to the first 15 minutes of every hour, plus the first 15 minutes after each half-hour (:00-:15 and :30-:45).
Apr 3, 11:45 UTC

Update - We have increased the rolling brownouts to the first 15 minutes of every hour, plus the first 10 minutes after each half-hour (:00-:15 and :30-:40).
Mar 31, 16:00 UTC

Update - We have increased the rolling brownouts to the first 15 minutes of every hour, plus the first 5 minutes after each half-hour (:00-:15 and :30-:35).
Mar 28, 16:33 UTC

Update - We are currently enforcing TLSv1.2 during the first 15 minutes of each hour. You can follow the planning and discussion of this maintenance at https://github.com/pypa/warehouse/issues/3411
Mar 27, 16:46 UTC

In progress - Scheduled maintenance is currently in progress. We will provide updates as necessary.
Mar 22, 18:59 UTC

Scheduled - In preparation for our CDN provider deprecating TLSv1.0 and TLSv1.1 protocols, we have begun rolling brownouts for these protocols for the first ten (10) minutes of each hour.

During that window, clients accessing pypi.python.org with clients that do not support TLSv1.2 will receive an HTTP 403 with the error message "This is a brown out of TLSv1 support. TLSv1 support is going away soon, upgrade to a TLSv1.2+ capable client.".

For users of pip on MacOS/OS X, upgrading to the latest pip should resolve the issue. pip users on other platforms should upgrade their OpenSSL to a version which supports TLSv1.2.

If you have trouble with getting your PyPI client working, file an issue at https://github.com/pypa/packaging-problems/issues.