Explain why PROTOCOL_SSLv23 does not support SSLv2 and SSLv3 by default.

author: Christian Heimes <christian@python.org> 2016-09-13 10:09:55 (GMT)
committer: Christian Heimes <christian@python.org> 2016-09-13 10:09:55 (GMT)
commit: 17352fff923b90d3d829c29c063aacdb68fb987c (patch)
tree: 763affd201ddd8c8a59f9725afb2c884a7cdc3c1
parent: faf2cea1fdae5bdb99d3406bda2fe6090890d4fe (diff)
download: cpython-17352fff923b90d3d829c29c063aacdb68fb987c.zip
cpython-17352fff923b90d3d829c29c063aacdb68fb987c.tar.gz
cpython-17352fff923b90d3d829c29c063aacdb68fb987c.tar.bz2
1 files changed, 14 insertions, 10 deletions
diff --git a/Doc/library/ssl.rst b/Doc/library/ssl.rst
index b7723f4..3a9ffbc 100644
--- a/Doc/library/ssl.rst
+++ b/Doc/library/ssl.rst
@@ -192,16 +192,20 @@ instead.
 
      .. table::
 
-       ========================  =========  =========  ==========  =========  ===========  ===========
-        *client* / **server**    **SSLv2**  **SSLv3**  **TLS**     **TLSv1**  **TLSv1.1**  **TLSv1.2**
-       ------------------------  ---------  ---------  ----------  ---------  -----------  -----------
-        *SSLv2*                    yes        no         yes         no         no         no
-        *SSLv3*                    no         yes        yes         no         no         no
-        *TLS* (*SSLv23*)           no         yes        yes         yes        yes        yes
-        *TLSv1*                    no         no         yes         yes        no         no
-        *TLSv1.1*                  no         no         yes         no         yes        no
-        *TLSv1.2*                  no         no         yes         no         no         yes
-       ========================  =========  =========  ==========  =========  ===========  ===========
+       ========================  ============  ============  =============  =========  ===========  ===========
+        *client* / **server**    **SSLv2**     **SSLv3**     **TLS**        **TLSv1**  **TLSv1.1**  **TLSv1.2**
+       ------------------------  ------------  ------------  -------------  ---------  -----------  -----------
+        *SSLv2*                    yes           no            no [1]_        no         no         no
+        *SSLv3*                    no            yes           no [2]_        no         no         no
+        *TLS* (*SSLv23*)           no [1]_       no [2]_       yes            yes        yes        yes
+        *TLSv1*                    no            no            yes            yes        no         no
+        *TLSv1.1*                  no            no            yes            no         yes        no
+        *TLSv1.2*                  no            no            yes            no         no         yes
+       ========================  ============  ============  =============  =========  ===========  ===========
+
+   .. rubric:: Footnotes
+   .. [1] :class:`SSLContext` disables SSLv2 with :data:`OP_NO_SSLv2` by default.
+   .. [2] :class:`SSLContext` disables SSLv2 with :data:`OP_NO_SSLv2` by default.
 
    .. note::
author	Christian Heimes <christian@python.org>	2016-09-13 10:09:55 (GMT)
committer	Christian Heimes <christian@python.org>	2016-09-13 10:09:55 (GMT)
commit	17352fff923b90d3d829c29c063aacdb68fb987c (patch)
tree	763affd201ddd8c8a59f9725afb2c884a7cdc3c1
parent	faf2cea1fdae5bdb99d3406bda2fe6090890d4fe (diff)
download	cpython-17352fff923b90d3d829c29c063aacdb68fb987c.zip cpython-17352fff923b90d3d829c29c063aacdb68fb987c.tar.gz cpython-17352fff923b90d3d829c29c063aacdb68fb987c.tar.bz2