Using NSAllowsArbitraryLoads appears to be a temporary workaround. But it probably won't be available at some point.
However, I was able to get things working with a TLS 1.0 server (YOUR_HOST.COM) by doing the following:
Take special note of the "NSTemporaryExceptionRequiresForwardSecrecy" flag. It needs to be turned OFF.
<key>NSAppTransportSecurity</key>
<dict>
<key>NSExceptionDomains</key>
<dict>
<key>YOUR_HOST.COM</key>
<dict>
<key>NSIncludesSubdomains</key>
<true/>
<key>NSTemporaryExceptionAllowsInsecureHTTPLoads</key>
<true/>
<key>NSTemporaryExceptionMinimumTLSVersion</key>
<string>1.0</string>
<key>NSTemporaryExceptionRequiresForwardSecrecy</key>
<false/>
</dict>
</dict>
</dict>