Add better ssl option docs

doc/topics/transports/tcp.rst

@@ -31,6 +31,38 @@ actual message that we are sending. With this flexible wire protocol we can
 implement any message semantics that we'd like-- including multiplexed message
 passing on a single socket.
 
+TLS Support
+===========
+
+.. version_added:: 2016.11.1
+
+The TCP transport allows for the master/minion communication to be optionally
+wrapped in a TLS connection. Enabling this is simple, the master and minion need
+to be using the tcp connection, then the `ssl` option is enabled. The `ssl`
+option is passed as a dict and corresponds to the options passed to the
+Python `ssl.wrap_socket <https://docs.python.org/2/library/ssl.html#ssl.wrap_socket>`
+function.
+
+A simple setup looks like this, on the Salt Master add the `ssl` option to the
+master configuration file:
+
+.. code-block:: yaml
+
+    ssl:
+      keyfile: <path_to_keyfile>
+      certfile: <path_to_certfile>
+      ssl_version: PROTOCOL_TLSv1_2
+
+The `ssl` option in the minion configuration file looks like this:
+
+
+.. note::
+
+    While setting the ssl_version is not required, we recomend it. Some older
+    versions of python do not support the latest TLS protocol and if this is
+    the case for your version of python we strongly recommend upgrading your
+    version of Python.
+
 
 Crypto
 ======