John Hascall wrote: > Note however, that if you accepted a downgrade, > the first thing you sent could be a secure > (yes "less" secure) request for the supported > types.
The whole point of the downgrade attack is to make the party being attacked use a weaker method that is believed to be secure but in fact has already been cracked by the attacker. Jeffrey Altman
smime.p7s
Description: S/MIME Cryptographic Signature