Add note on inner plaintext parsing to ssl_transform documentation

Signed-off-by: Hanno Becker <hanno.becker@arm.com>
diff --git a/include/mbedtls/ssl_internal.h b/include/mbedtls/ssl_internal.h
index e92381c..cd881eb 100644
--- a/include/mbedtls/ssl_internal.h
+++ b/include/mbedtls/ssl_internal.h
@@ -554,6 +554,10 @@
  *   time with the 8-byte record sequence number, without prepending the
  *   latter to the encrypted record.
  *
+ * Additionally, DTLS 1.2 + CID as well as TLS 1.3 use an inner plaintext
+ * which allows to add flexible length padding and to hide a record's true
+ * content type.
+ *
  * In addition to type and version, the following parameters are relevant:
  * - The symmetric cipher algorithm to be used.
  * - The (static) encryption/decryption keys for the cipher.