From 69539990a8152e90dbe1df1124263db126b1e6f3 Mon Sep 17 00:00:00 2001
From: Matt Caswell <matt@openssl.org>
Date: Wed, 3 Apr 2019 23:13:59 +0100
Subject: [PATCH] Correct the documentation about SSL_CIPHER_description()

There are some ciphersuites that were introduced in TLSv1.0/TLSv1.1 but
are backwards compatible with SSLv3.

Fixes #8655

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8658)
---
 doc/man3/SSL_CIPHER_get_name.pod | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/doc/man3/SSL_CIPHER_get_name.pod b/doc/man3/SSL_CIPHER_get_name.pod
index 51c3941f06..1da3447b44 100644
--- a/doc/man3/SSL_CIPHER_get_name.pod
+++ b/doc/man3/SSL_CIPHER_get_name.pod
@@ -124,7 +124,10 @@ Textual representation of the cipher name.
 
 =item <protocol version>
 
-Protocol version, such as B<TLSv1.2>, when the cipher was first defined.
+The minimum protocol version that the ciphersuite supports, such as B<TLSv1.2>.
+Note that this is not always the same as the protocol version in which the
+ciphersuite was first defined because some ciphersuites are backwards compatible
+with earlier protocol versions.
 
 =item Kx=<key exchange>
 
-- 
2.25.1