On 23 February 2016 at 13:24, Hugo Krawczyk <[email protected]> wrote: > As for downgrades, this will be discovered by the server when receiving the > client's Finished message.
Won't a downgrade be detected by the client when it fails to decrypt the server's data? If the server was given a false impression about the client's capabilities, then that can only happen if it receives a different ClientHello to the one the client sent. _______________________________________________ TLS mailing list [email protected] https://www.ietf.org/mailman/listinfo/tls
