John Hascall <[EMAIL PROTECTED]> wrote: >>> The behavior prevents a denial of service attack against the >>> clients. >> Sorry, meant to say "prevents a downgrade attack" against the >> clients. > > Huh? How exactly would returning a "security index not supported" > error instead of just ignoring the packet result in a downgrade > attack?
How would you ever know if the "security index not supported" packet came from a legit server? <<CDC _______________________________________________ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info