• Steve Jones - SSC Editor (4/15/2014)


    <snip> perhaps moving to SSL 3 would be something I can get done.

    Disabling SSLv2 and moving to SSLv3 doesn't hurt anything, as, XP being deprecated notwithstanding, even completely unpatched Windows XP machines with IIS 6 support SSLv3.

    Even going to the next step of disabling SSLv3 isn't much of a problem, as, XP being deprecated still notwithstanding, Windows XP SP3, or Windows XP SP2 with KB946627, or XP RTM with unpatched IIS 6 where users went into Options, Advanced, Security, and checked the TLS 1.0 checkbox, also have TLS 1.0 available, as does every later version and browser. I do understand wanting to keep maximum compatibility even for very old clients, though, and SSLv3 isn't nearly as broken as SSLv2 is.

    Steve Jones - SSC Editor (4/15/2014)


    Not sure we want to move the entire site to SSL<snip>

    I did not mean moving the entire site to SSL, i.e. forcing everyone to use SSL for the entire site. What I meant was to suggest adding the capability to use SSL to the entire site, for those who desire to use it, and leaving the "force SSL on the login page" alone.