@gargron maybe refer to TLS rather than SSL.

Generally looks good to me, and an improvement. Thanks for working on this.