diff --git a/Doc/whatsnew/3.7.rst b/Doc/whatsnew/3.7.rst
index 53fbe185a3a..ac13890d979 100644
--- a/Doc/whatsnew/3.7.rst
+++ b/Doc/whatsnew/3.7.rst
@@ -1304,8 +1304,8 @@ Host name validation can be customized with
 .. note::
    The improved host name check requires a *libssl* implementation compatible
    with OpenSSL 1.0.2 or 1.1.  Consequently, OpenSSL 0.9.8 and 1.0.1 are no
-   longer supported.  The ssl module is mostly compatible with LibreSSL 2.7.2
-   and newer.
+   longer supported (see :ref:`37-platform-support-removals` for more details).
+   The ssl module is mostly compatible with LibreSSL 2.7.2 and newer.
 
 The ``ssl`` module no longer sends IP addresses in SNI TLS extension.
 (Contributed by Christian Heimes in :issue:`32185`.)
@@ -2069,10 +2069,33 @@ or higher.  (Contributed by Serhiy Storchaka in :issue:`27867`.)
 (Contributed by Antoine Pitrou in :issue:`16500`.)
 
 
+.. _37-platform-support-removals:
+
 Platform Support Removals
 =========================
 
-FreeBSD 9 and older are no longer officially supported.
+* FreeBSD 9 and older are no longer officially supported.
+* For full Unicode support, including within extension modules, \*nix platforms
+  are now expected to provide at least one of ``C.UTF-8`` (full locale),
+  ``C.utf8`` (full locale) or ``UTF-8`` (``LC_CTYPE``-only locale) as an
+  alternative to the legacy ``ASCII``-based ``C`` locale.
+* OpenSSL 0.9.8 and 1.0.1 are no longer supported, which means building CPython
+  3.7 with SSL/TLS support on older platforms still using these versions
+  requires custom build options that link to a more recent version of OpenSSL.
+
+  Notably, this issue affects the Debian 8 (aka "jessie") and Ubuntu 14.04
+  (aka "Trusty") LTS Linux distributions, as they still use OpenSSL 1.0.1 by
+  default.
+
+  Debian 9 ("stretch") and Ubuntu 16.04 ("xenial"), as well as recent releases
+  of other LTS Linux releases (e.g. RHEL/CentOS 7.5, SLES 12-SP3), use OpenSSL
+  1.0.2 or later, and remain supported in the default build configuration.
+
+  CPython's own :source:`CI configuration file <.travis.yml>` provides an
+  example of using the SSL
+  :source:`compatibility testing infrastructure <Tools/ssl/multissltests.py>` in
+  CPython's test suite to build and link against OpenSSL 1.1.0 rather than an
+  outdated system provided OpenSSL.
 
 
 API and Feature Removals