From 3ded421fd56b8b6b4e4d5c70c50737a757752014 Mon Sep 17 00:00:00 2001 From: "Andrew M. Kuchling" Date: Fri, 30 Apr 2010 00:52:31 +0000 Subject: [PATCH] Reword paragraph to make its meaning clearer. Antoine Pitrou: is my version of the paragraph still correct? R. David Murray: is this more understandable than the previous version? --- Doc/library/ssl.rst | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/Doc/library/ssl.rst b/Doc/library/ssl.rst index 0d19fb9127d..c69fac4bd22 100644 --- a/Doc/library/ssl.rst +++ b/Doc/library/ssl.rst @@ -121,13 +121,16 @@ Functions, Constants, and Exceptions .. note:: - This information varies depending on the version of OpenSSL. - For instance, in some older versions of OpenSSL (such as 0.9.7l on - OS X 10.4), an SSLv2 client could not connect to an SSLv23 server. - Conversely, starting from 1.0.0, an SSLv23 client will actually - try the SSLv3 protocol unless you explicitly enable SSLv2 ciphers. + Which connections succeed will vary depending on the version of + OpenSSL. For instance, in some older versions of OpenSSL (such + as 0.9.7l on OS X 10.4), an SSLv2 client could not connect to an + SSLv23 server. Another example: beginning with OpenSSL 1.0.0, + an SSLv23 client will not actually attempt SSLv2 connections + unless you explicitly enable SSLv2 ciphers; for example, you + might specify ``"ALL"`` or ``"SSLv2"`` as the *ciphers* parameter + to enable them. - The parameter ``ciphers`` sets the available ciphers for this SSL object. + The *ciphers* parameter sets the available ciphers for this SSL object. It should be a string in the `OpenSSL cipher list format `_.