Kurt D. Zeilenga wrote: > > I note that your report implies that this client may be > prone to downgrade attack, you might consider reporting > this its developer. Yes, I'm aware of that section in RFC 2830. But thanks for reminding me. I will also inform the client developer. Ciao, Michael.