curl.1: Document weaknesses in SSLv2 and SSLv3

Acknowledge that SSLv3 is also widely considered to be insecure. Also, provide references for people who want to know more about why it's insecure.
author: Daniel Kahn Gillmor <dkg@fifthhorseman.net> 2015-08-15 10:33:59 +0200
committer: Daniel Stenberg <daniel@haxx.se> 2015-08-15 22:53:46 +0200
commit: 31673ff517e474cd0d8472d049dafa1a6d4ef154 (patch)
tree: 213fc84b9edf7e3d9a15d53fc9cc7f9241ad6d41
parent: bedf0a588ee070043a896e0aa8e2b1160f8c884e (diff)
1 files changed, 3 insertions, 2 deletions
diff --git a/docs/curl.1 b/docs/curl.1
index cf37d63c9..dd17f5512 100644
--- a/docs/curl.1
+++ b/docs/curl.1
@@ -171,10 +171,11 @@ a level of control).
 .IP "-2, --sslv2"
 (SSL) Forces curl to use SSL version 2 when negotiating with a remote SSL
 server. Sometimes curl is built without SSLv2 support. SSLv2 is widely
-considered insecure.
+considered insecure (see RFC 6176).
 .IP "-3, --sslv3"
 (SSL) Forces curl to use SSL version 3 when negotiating with a remote SSL
-server. Sometimes curl is built without SSLv3 support.
+server. Sometimes curl is built without SSLv3 support. SSLv3 is widely
+considered insecure (see RFC 7568).
 .IP "-4, --ipv4"
 This option tells curl to resolve names to IPv4 addresses only, and not for
 example try IPv6.
author	Daniel Kahn Gillmor <dkg@fifthhorseman.net>	2015-08-15 10:33:59 +0200
committer	Daniel Stenberg <daniel@haxx.se>	2015-08-15 22:53:46 +0200
commit	31673ff517e474cd0d8472d049dafa1a6d4ef154 (patch)
tree	213fc84b9edf7e3d9a15d53fc9cc7f9241ad6d41
parent	bedf0a588ee070043a896e0aa8e2b1160f8c884e (diff)