Addition of migration guide and corrections to the ChangeLog file

Signed-off-by: TRodziewicz <tomasz.rodziewicz@mobica.com>

ChangeLog.d/issue4286.txt

@@ -1,9 +1,14 @@
 Removals
-   * Remove the following deprecated library constants
-     MBEDTLS_SSL_PROTO_TLS1, MBEDTLS_SSL_PROTO_TLS1_1,
-     MBEDTLS_SSL_CBC_RECORD_SPLITTING,
+   * Remove the TLS 1.0, TLS 1.1 and DTLS 1.0 support by removing the following
+     deprecated library constants: MBEDTLS_SSL_PROTO_TLS1,
+     MBEDTLS_SSL_PROTO_TLS1_1, MBEDTLS_SSL_CBC_RECORD_SPLITTING,
      MBEDTLS_SSL_CBC_RECORD_SPLITTING_ENABLED,
-     MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED and functions
-     ssl_write_split(), mbedtls_ssl_conf_cbc_record_splitting() as well as test
+     MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED, MBEDTLS_SSL_RECORD_CHECKING,
+     MBEDTLS_SSL_FALLBACK_SCSV, MBEDTLS_SSL_FALLBACK_SCSV_VALUE,
+     MBEDTLS_SSL_IS_FALLBACK, MBEDTLS_SSL_IS_NOT_FALLBACK, and functions:
+     ssl_write_split(), mbedtls_ssl_conf_cbc_record_splitting(), tls1_prf(),
+     ssl_update_checksum_md5sha1(), mbedtls_ssl_get_key_exchange_md_ssl_tls(),
+     mbedtls_ssl_check_record(), ssl_check_record(), ssl_calc_verify_tls(),
+     ssl_calc_finished_tls(), mbedtls_ssl_conf_fallback() as well as test
      function component_test_variable_ssl_in_out_buffer_len_record_splitting().
      Fixes #4286.

docs/3.0-migration-guide.d/remove_support_for_tls_1.0_1.1_and_dtls_1.0.md

@@ -0,0 +1,11 @@
+Remove suport for TLS 1.0, 1.1 and DLTS 1.0
+-------------------------------------------
+
+This change affects users of the TLS 1.0, 1.1 and DTLS 1.0.
+
+The versions of (D)TLS that are being removed are not as secure as the latest
+versions. Keeping them in the library creates opportunities for misconfiguration
+and possibly downgrade attacks. More generally, more code means a larger attack
+surface, even if the code is supposedly not used.
+
+The migration path is to adopt the latest versions of the protocol.