make SSLv23 the default version in ftplib (closes #23111)
diff --git a/Doc/library/ftplib.rst b/Doc/library/ftplib.rst
index b42cf64..ec07c87 100644
--- a/Doc/library/ftplib.rst
+++ b/Doc/library/ftplib.rst
@@ -384,7 +384,7 @@
 
 .. attribute:: FTP_TLS.ssl_version
 
-   The SSL version to use (defaults to *TLSv1*).
+   The SSL version to use (defaults to :attr:`ssl.PROTOCOL_SSLv23`).
 
 .. method:: FTP_TLS.auth()
 
diff --git a/Lib/ftplib.py b/Lib/ftplib.py
index c98290c..0a69b7a 100644
--- a/Lib/ftplib.py
+++ b/Lib/ftplib.py
@@ -638,7 +638,7 @@
         '221 Goodbye.'
         >>>
         '''
-        ssl_version = ssl.PROTOCOL_TLSv1
+        ssl_version = ssl.PROTOCOL_SSLv23
 
         def __init__(self, host='', user='', passwd='', acct='', keyfile=None,
                      certfile=None, timeout=_GLOBAL_DEFAULT_TIMEOUT):
@@ -656,7 +656,7 @@
             '''Set up secure control connection by using TLS/SSL.'''
             if isinstance(self.sock, ssl.SSLSocket):
                 raise ValueError("Already using TLS")
-            if self.ssl_version == ssl.PROTOCOL_TLSv1:
+            if self.ssl_version >= ssl.PROTOCOL_SSLv23:
                 resp = self.voidcmd('AUTH TLS')
             else:
                 resp = self.voidcmd('AUTH SSL')
diff --git a/Misc/NEWS b/Misc/NEWS
index 276b537..47a73fe 100644
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -15,6 +15,8 @@
 Library
 -------
 
+- Issue #23111: Maximize compatibility in protocol versions of ftplib.FTP_TLS.
+
 - Issue #23112: Fix SimpleHTTPServer to correctly carry the query string and
   fragment when it redirects to add a trailing slash.