@lacatoire
Contributor

Summary

The documentation for the ssl:// stream transport currently states that it
negotiates SSLv2 or SSLv3 connections. This is outdated and misleading.

Since PHP 5.6 (Improved TLS Defaults RFC), SSLv2 and SSLv3 are obsolete,
insecure, and no longer enabled by default in modern PHP/OpenSSL builds.
In practice, ssl:// negotiates the best available SSL/TLS protocol based
on client and server capabilities, OpenSSL configuration, and optional
stream context settings (e.g. ssl.crypto_method).

Changes

  • Update the description of ssl:// to reflect modern SSL/TLS negotiation.
  • Explicitly note that SSLv2 and SSLv3 are obsolete and insecure.
  • Remove misleading sslv2:// and sslv3:// examples while keeping the
    transports documented for backward compatibility.

Rationale

This aligns the documentation with actual PHP behavior and with the
"Improved TLS Defaults" RFC, while preserving backward compatibility and
avoiding API changes.

References

@Girgias
Member

Girgias commented Jan 9, 2026

TIL, might make sense to formally deprecate the sslv2:// and sslv3:// layers. Could add it to https://wiki.php.net/rfc/deprecations_php_8_6
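
The negotiation behaviour described in the pull request summary, as an added example that is not part of the PR or of the PHP manual: a loopback handshake in one process showing that `ssl.crypto_method` bounds the protocol version that gets negotiated. It assumes PHP 7.4+ built against OpenSSL 1.1.1+ with a usable `openssl.cnf`; the `negotiate()` helper and the throwaway self-signed certificate are constructed for this demo, and it uses `tcp://` plus `stream_socket_enable_crypto()` (which reads the same `ssl` context options as `ssl://`) so both ends can handshake without blocking each other.

```php
<?php
// Hypothetical helper: returns the protocol negotiated when the client
// offers only the versions in $clientMethods.
function negotiate(int $clientMethods): string
{
    // Constructed sample input: a short-lived self-signed cert for "localhost".
    $key = openssl_pkey_new(['private_key_bits' => 2048,
                             'private_key_type' => OPENSSL_KEYTYPE_RSA]);
    $csr = openssl_csr_new(['commonName' => 'localhost'], $key, ['digest_alg' => 'sha256']);
    $crt = openssl_csr_sign($csr, null, $key, 1, ['digest_alg' => 'sha256']);
    openssl_x509_export($crt, $certPem);
    openssl_pkey_export($key, $keyPem);
    $pem = tempnam(sys_get_temp_dir(), 'tls');
    file_put_contents($pem, $certPem . $keyPem);

    // Server side: any TLS version the local OpenSSL build allows.
    $srvCtx = stream_context_create(['ssl' => ['local_cert' => $pem]]);
    $server = stream_socket_server('tcp://127.0.0.1:0', $errno, $errstr,
        STREAM_SERVER_BIND | STREAM_SERVER_LISTEN, $srvCtx);

    // Client side: restrict the offered versions, keep peer verification on.
    $cliCtx = stream_context_create(['ssl' => [
        'crypto_method' => $clientMethods,
        'cafile'        => $pem,
        'peer_name'     => 'localhost',
    ]]);
    $client = stream_socket_client('tcp://' . stream_socket_get_name($server, false),
        $errno, $errstr, 5, STREAM_CLIENT_CONNECT, $cliCtx);
    $conn = stream_socket_accept($server, 5);

    // Drive both handshakes in turn; 0 means "needs more I/O".
    stream_set_blocking($client, false);
    stream_set_blocking($conn, false);
    $c = $s = 0;
    for ($i = 0; $i < 2000 && ($c === 0 || $s === 0); $i++) {
        if ($c === 0) { $c = stream_socket_enable_crypto($client, true); }
        if ($s === 0) { $s = stream_socket_enable_crypto($conn, true, STREAM_CRYPTO_METHOD_TLS_SERVER); }
        usleep(1000);
    }
    unlink($pem);
    if ($c !== true || $s !== true) {
        throw new RuntimeException('TLS handshake failed');
    }
    return stream_get_meta_data($client)['crypto']['protocol'];
}

echo negotiate(STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT), PHP_EOL;
echo negotiate(STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT | STREAM_CRYPTO_METHOD_TLSv1_3_CLIENT), PHP_EOL;
```

The same `crypto` metadata is available on a stream opened with `ssl://`, which makes it a convenient check that a deployment is not falling back to a protocol version older than intended.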
