From 01fa8497e9f8aa885dbe6a11daa9f97bdd0795bf Mon Sep 17 00:00:00 2001
From: Tatsuo Ishii <ishii@sraoss.co.jp>
Date: Wed, 12 Aug 2020 20:17:44 +0900
Subject: [PATCH] Doc: mention that ssl_ciphers only affects to TLS 1.2 and
 lower.

The changes are imported from PostgreSQL manual.
---
 doc.ja/src/sgml/ssl.sgml | 16 +++-------------
 doc/src/sgml/ssl.sgml    |  5 ++++-
 2 files changed, 7 insertions(+), 14 deletions(-)
diff --git a/doc.ja/src/sgml/ssl.sgml b/doc.ja/src/sgml/ssl.sgml
index 156362b14..053af4273 100644
--- a/doc.ja/src/sgml/ssl.sgml
+++ b/doc.ja/src/sgml/ssl.sgml
@@ -230,21 +230,11 @@
     </term>
     <listitem>
      <para>
-      <!--
-      Specifies a list of <acronym>SSL</acronym> cipher suites that
-      are allowed to be used on secure connections.  See
-      the <citerefentry><refentrytitle>ciphers</refentrytitle></citerefentry>
-      manual page in the <application>OpenSSL</application> package
-      for the syntax of this setting and a list of supported values.
-      The default value
-      is <literal>HIGH:MEDIUM:+3DES:!aNULL</literal>, which is same
-      as <productname>PostgreSQL</productname>.
-      See <productname>PostgreSQL</productname> manual to know why
-      the value is chosen.
-      -->
-      ã»ã­ã¥ã¢ãªæ¥ç¶ã§ä½¿ç¨ã§ãã<acronym>SSL</acronym>æå·ã¹ã¤ã¼ãã®ãªã¹ããæå®ãã¾ãã
+      SSLæ¥ç¶ã§ä½¿ç¨ã§ãã<acronym>SSL</acronym>æå·ã¹ã¤ã¼ãã®ãªã¹ããæå®ãã¾ãã
       è¨­å®æ§æã¨ä½¿ç¨å¯è½ãªå¤ã®ãªã¹ãã«ã¤ãã¦ã¯<application>OpenSSL</application>ããã±ã¼ã¸ã®
       <citerefentry><refentrytitle>ciphers</refentrytitle></citerefentry>ããã¥ã¢ã«ããè¦§ãã ããã
+      TLSãã¼ã¸ã§ã³1.2ãããã¯ããä»¥ä¸ã®ãã¼ã¸ã§ã³ã®ã¿ãå½±é¿ãåãã¾ãã
+      ä»ã®æãTLSãã¼ã¸ã§ã³1.3æ¥ç¶ã§ä½¿ç¨ãããæå·ã®é¸æãå¶å¾¡ããè¨­å®ã¯ããã¾ããã
       ããã©ã«ãå¤ã¯<literal>HIGH:MEDIUM:+3DES:!aNULL</literal>ã§ã<productname>PostgreSQL</productname>ã¨åãã§ãã
       ãã®å¤ãé¸ã°ããçç±ã«ã¤ãã¦ã¯ã<productname>PostgreSQL</productname>ã®ããã¥ã¢ã«ããè¦§ãã ããã
      </para>
diff --git a/doc/src/sgml/ssl.sgml b/doc/src/sgml/ssl.sgml
index d78568c74..f071b30fe 100644
--- a/doc/src/sgml/ssl.sgml
+++ b/doc/src/sgml/ssl.sgml
@@ -158,10 +158,13 @@
     <listitem>
      <para>
       Specifies a list of <acronym>SSL</acronym> cipher suites that
-      are allowed to be used on secure connections.  See
+      are allowed to be used by SSL connections.  See
       the <citerefentry><refentrytitle>ciphers</refentrytitle></citerefentry>
       manual page in the <application>OpenSSL</application> package
       for the syntax of this setting and a list of supported values.
+      Only connections using TLS version 1.2 and lower are affected.
+      There is currently no setting that controls the cipher choices
+      used by TLS version 1.3 connections.
       The default value
       is <literal>HIGH:MEDIUM:+3DES:!aNULL</literal>, which is same
       as <productname>PostgreSQL</productname>.
-- 
2.39.5

