diff --git a/src/interfaces/libpq/libpq-int.h b/src/interfaces/libpq/libpq-int.h
index 1de91ae295..dd0445b785 100644
--- a/src/interfaces/libpq/libpq-int.h
+++ b/src/interfaces/libpq/libpq-int.h
@@ -367,8 +367,15 @@ struct pg_conn
 	char	   *krbsrvname;		/* Kerberos service name */
 	char	   *gsslib;			/* What GSS library to use ("gssapi" or
 								 * "sspi") */
-	char	   *ssl_min_protocol_version;	/* minimum TLS protocol version */
-	char	   *ssl_max_protocol_version;	/* maximum TLS protocol version */
+	/*
+	 * Minimum/maximum TLS protocol version bounds for the connection.
+	 * Contrary to the corresponding server protocol version settings, there is
+	 * no default protocol version set client side to ensure that a new client
+	 * can still connect to an old server. When all server versions which
+	 * shipped without a default versions are EOL we can revisit this.
+	 */
+	char	   *ssl_min_protocol_version;
+	char	   *ssl_max_protocol_version;
 
 	/* Type of connection to make.  Possible values: any, read-write. */
 	char	   *target_session_attrs;