Eric Allman wrote:
(3) Wasn't the issue of downgrade attacks discussed in Dallas and
resolved on the list? In specific, it was issue 1196 (Upgrade
indication and protection against downgrade attacks). As near as I
can tell, the exact same issues that Doug is raising were discussed in
this issue, and a frankly much more elegant approach was proposed. Why
is this issue alive again?
That was my recollection too. Mark proposed something a long while back
which seemed like it would work, but the consensus was that we didn't need
the complexity, etc, given the threats so the entire subject was dropped.
Mike
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html