commit d7930fb720b5e9db2076b116dffcd52b6ca71438
author Miss Islington (bot) <31488909+miss-islington@users.noreply.github.com> Fri Jun 11 00:36:17 2021 -0700
committer GitHub <noreply@github.com> Fri Jun 11 00:36:17 2021 -0700
tree 3707ebb7bd5cf5af5cc0f88ac1c9f322d49f0220
parent b613132861839b6d05b67138842b579e1af29f9c

bpo-44362: ssl: improve deprecation warnings and docs (GH-26646)


Signed-off-by: Christian Heimes <christian@python.org>
(cherry picked from commit e26014f1c47d26d6097ff7a0f25384bfbde714a9)

Co-authored-by: Christian Heimes <christian@python.org>

Doc/library/ssl.rst

diff --git a/Doc/library/ssl.rst b/Doc/library/ssl.rst
index afa3d87..4902d34 100644
--- a/Doc/library/ssl.rst
+++ b/Doc/library/ssl.rst
@@ -681,19 +681,23 @@
 
    .. deprecated:: 3.10
 
+      TLS clients and servers require different default settings for secure
+      communication. The generic TLS protocol constant is deprecated in
+      favor of :data:`PROTOCOL_TLS_CLIENT` and :data:`PROTOCOL_TLS_SERVER`.
+
 .. data:: PROTOCOL_TLS_CLIENT
 
-   Auto-negotiate the highest protocol version like :data:`PROTOCOL_TLS`,
-   but only support client-side :class:`SSLSocket` connections. The protocol
-   enables :data:`CERT_REQUIRED` and :attr:`~SSLContext.check_hostname` by
-   default.
+   Auto-negotiate the highest protocol version that both the client and
+   server support, and configure the context client-side connections. The
+   protocol enables :data:`CERT_REQUIRED` and
+   :attr:`~SSLContext.check_hostname` by default.
 
    .. versionadded:: 3.6
 
 .. data:: PROTOCOL_TLS_SERVER
 
-   Auto-negotiate the highest protocol version like :data:`PROTOCOL_TLS`,
-   but only support server-side :class:`SSLSocket` connections.
+   Auto-negotiate the highest protocol version that both the client and
+   server support, and configure the context server-side connections.
 
    .. versionadded:: 3.6