From e2f2ec16a5166f6a3e927df068642f24238c8a3b Mon Sep 17 00:00:00 2001
From: Nicolas Sebrecht <nicolas.s-dev@laposte.net>
Date: Mon, 12 Oct 2015 06:42:29 +0200
Subject: [PATCH] offlineimap.conf: improve documentation on SSL, mark
 tls_level experimental

Signed-off-by: Nicolas Sebrecht <nicolas.s-dev@laposte.net>
---
 offlineimap.conf | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

diff --git a/offlineimap.conf b/offlineimap.conf
index 90fe771..e1731a2 100644
--- a/offlineimap.conf
+++ b/offlineimap.conf
@@ -637,11 +637,14 @@ remotehost = examplehost
 
 # This option stands in the [Repository RemoteExample] section.
 #
-# SSL version (optional).
+# Set SSL version tu use (optional).
 #
 # It is best to leave this unset, in which case the correct version will be
 # automatically detected. In rare cases, it may be necessary to specify a
-# particular version from: tls1, ssl2, ssl3, ssl23 (SSLv2 or SSLv3)
+# particular version from: tls1, ssl2, ssl3, ssl23 (SSLv2 or SSLv3).
+#
+# See the configuration option tls_level to automatically disable insecure
+# protocols.
 #
 #ssl_version = ssl23
 
@@ -651,9 +654,14 @@ remotehost = examplehost
 # TLS support level (optional).
 #
 # Specify the level of support that should be allowed for this repository.
-# Can be used to disallow insecure SSL versions. Supported values are:
+# Can be used to disallow insecure SSL versions as defined by IETF
+# (see https://tools.ietf.org/html/rfc6176).
+#
+# Supported values are:
 # tls_secure, tls_no_ssl, tls_compat (the default).
 #
+# This option is EXPERIMENTAL.
+#
 #tls_level = tls_compat