> Huh? How exactly would returning a "security index not supported" > error instead of just ignoring the packet result in a > downgrade attack?
I believe it is similar to the CIFS Downgrade Attack scenerio (Google for it if you are not familiar with this classic vulnerability). _______________________________________________ OpenAFS-info mailing list OpenAFS-info@openafs.org https://lists.openafs.org/mailman/listinfo/openafs-info