[TLS, V3] Allow forcing of TLS 1.3 #26255
Description
This is a follow on to #26246.
Customers will want to be able to force TLS to only allow version 1.3 for security purposes. We should expose this as a feature for users. In fact it would be better to force only version 1.3 and have a flag to enable 1.2. This way users have a more secure default. While 1.2 is still considered secure, it's better to lead the ecosystem forward and let users opt into that behavior rather than the other way around.