Y
Hacker News
new
|
ask
|
show
|
jobs
by
CiPHPerCoder
2774 days ago
Oh, this did seem familiar!
The AES-CBC thing is tied to the key, right? So the downgrade attack isn't possible.
1 comments
xxkylexx
2774 days ago
Yes, new account keys are identified (presence of a mac key) and block the downgrade (see code link above).
link