> > The behavior prevents a denial of service attack against the clients. > Sorry, meant to say "prevents a downgrade attack" against the clients. Huh? How exactly would returning a "security index not supported" error instead of just ignoring the packet result in a downgrade attack? John